ezcash.vn Open in urlscan Pro
104.21.52.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ezcash.vn/
Submission: On July 21 via manual (July 21st 2023, 3:07:54 pm UTC) from VN — Scanned from PT

Summary HTTP 190 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 28 domains to perform 190 HTTP transactions. The main IP is 104.21.52.124, located in and belongs to CLOUDFLARENET, US. The main domain is ezcash.vn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 30th 2022. Valid for: a year.

This is the only time ezcash.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	104.21.52.124 104.21.52.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
3	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
15	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 6	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
5	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
19	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	91.228.74.206 91.228.74.206	16509 (AMAZON-02) (AMAZON-02)
4 4	3.124.112.76 3.124.112.76	16509 (AMAZON-02) (AMAZON-02)
1 15	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.156.62.67 35.156.62.67	16509 (AMAZON-02) (AMAZON-02)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	99.81.57.224 99.81.57.224	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
190	27

65 104.21.52.124 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ezcash.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.206 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.112.76 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-112-76.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.62.67 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-62-67.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.57.224 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-57-224.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	ezcash.vn 1 redirects ezcash.vn	1 MB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	471 KB
32	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	139 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com	336 KB
12	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2609 adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	5 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 910	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	793 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	169 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	204 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 601	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1328	452 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 791 s.tribalfusion.com — Cisco Umbrella Rank: 1862	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 818	929 B
2	google.pt www.google.pt — Cisco Umbrella Rank: 14167	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	21 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14044	5 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461	717 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 900	731 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 784	338 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 588	363 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 41294	609 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 865	712 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3025	104 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2200	173 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	601 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1162	7 KB
190	28

	Domain	Requested by
65	ezcash.vn	1 redirects ezcash.vn static.cloudflareinsights.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	fonts.gstatic.com	fonts.googleapis.com
15	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net ezcash.vn
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ezcash.vn
15	pagead2.googlesyndication.com	ezcash.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	1 redirects ezcash.vn googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	fonts.googleapis.com	ezcash.vn googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.googletagmanager.com	ezcash.vn www.googletagmanager.com
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.google.pt	ezcash.vn
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	images.dmca.com	ezcash.vn
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	ezcash.vn
190	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.pinterest.com
ezcashvn.tumblr.com
twitter.com
nhakhoavietsmile.com
www.dmca.com
ezbeauty.vn

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-30` - `2023-08-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.pt GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://ezcash.vn/
Frame ID: A4D911015B2838E53317B2329301F5FA
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 8AE21176998E80629C5EA01B8031212B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1689952065&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952065354&bpp=3&bdt=2569&idt=258&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&correlator=3657160247113&frm=20&pv=2&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pg2IYRBZEE&p=https%3A//ezcash.vn&dtd=275
Frame ID: 399606E3B13C15A5388129BD459D1CBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3158972657&adf=2806652664&w=300&lmt=1689952065&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952065357&bpp=1&bdt=2573&idt=278&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZwFlMsDnsi&p=https%3A//ezcash.vn&dtd=284
Frame ID: 1503E24D193A407F1FC5BED5211E243F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1689952066&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fezcash.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952066706&bpp=1&bdt=3922&idt=2&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250&nras=1&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=22
Frame ID: D52B29DA8B7C40210B973F3B95AEFFAB
Requests: 1 HTTP requests in this frame

Frame: https://ezcash.vn/cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/invisible.js
Frame ID: 1D580375EC15A5AE694BC0D3D3C28770
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=342529684&adf=2591393878&pi=t.aa~a.3806930284~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=2&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0&nras=2&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JHUJvQzHPW&p=https%3A//ezcash.vn&dtd=11
Frame ID: F3906EF0C704CF1A2A82824A1E9E6906
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=342529684&adf=1947265008&pi=t.aa~a.3806966213~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280&nras=3&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=0GZmeNr4Lx&p=https%3A//ezcash.vn&dtd=40
Frame ID: C1C21708CB7C172461AA7BF9C787767D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=4246380789&adf=2417272941&pi=t.aa~a.2459291753~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=324x250&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3609&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Kg7mUXjoch&p=https%3A//ezcash.vn&dtd=44
Frame ID: E1F453042DE08DEC968D392606B23A88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=4246380789&adf=3654185071&pi=t.aa~a.715776121~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=324x250&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4897&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250&nras=5&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=WqI5x2nS2Z&p=https%3A//ezcash.vn&dtd=54
Frame ID: BC4A657BCE91B773F91AFDD588013F37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1079F6F7F52256B01C713521D3F85D72
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0921D14CE0CBBF6F796388A599CD1D76
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79A921BFD65B3661FE3CA9B6844EC7BD
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E2BC1A4C958F9D707FC81F20BEF61633
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF981736969D8B9A3B67AC6C6AA3B671
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B626A548812BDD60857B925C39A43CC0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596
Frame ID: 08E87DA42F5C90E2836B7BED66A2648F
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: C9966E51D9C9B81708469FBB3BD68882
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7B786A1D21431AA55A9BF63D0260DF1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 6029CD798262A4C53A91EE00210302B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: EC8F75849118641B9B3A00054BB388CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A039CD2678B848EBA2832BAC9D0BDCE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64B7C5A4626E6E319D945A35ADC94D98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tư vấn vay tiền mặt dễ dàng - EzCash.vn

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

93 %
HTTPS

0 %
IPv6

28
Domains

35
Subdomains

27
IPs

8
Countries

2691 kB
Transfer

6606 kB
Size

24
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/taichinhdedang

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ezcash_vn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ezcashvn/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ezcashbm

Search URL Search Domain Scan URL

URL: https://ezcashvn.tumblr.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/Ezcashvn

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/
Title: nha khoa

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/nieng-rang/
Title: niềng răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/trong-rang-implant/
Title: trồng răng implant

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/boc-rang-su/
Title: bọc răng sứ

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/nho-rang-khon/
Title: nhổ răng khôn

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/tay-trang-rang/
Title: tẩy trắng răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/danh-sach-bac-si/bac-si/
Title: bác sĩ nha khoa

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/lay-cao-rang/
Title: lấy cao răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/tram-rang/
Title: trám răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/cao-voi-rang/
Title: cạo vôi răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/nieng-rang-trong-suot/
Title: niềng răng trong suốt

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/nieng-rang-trong-suot-pinktray/
Title: niềng răng pinktray

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/nieng-rang-trong-suot-invisalign/
Title: niềng răng invisalign

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/cuoi-ho-loi/
Title: cười hở lợi

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/dan-su-veneer/
Title: dán sứ veneer

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/lam-trang-rang/
Title: cách làm trắng răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/bang-gia-va-chi-phi-nieng-rang-moi-nhat/
Title: niềng răng bao nhiêu tiền

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/bang-gia-nieng-rang-tra-gop-tai-viet-smile/
Title: niềng răng trả góp

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/bang-gia-dich-vu-nha-khoa-uy-tin/
Title: nha khoa gần đây

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=d08aa2e2-e313-4974-b8df-3a570d7741fd&refurl=https://ezcash.vn/

Search URL Search Domain Scan URL

URL: https://ezbeauty.vn/
Title: EzBeauty.vn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://ezcash.vn/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://ezcash.vn/cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/invisible.js

Request Chain 137

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG_OF6N54zCeW4xia3vzLj6y8oTZ6qk6Os8f9FZpa-2XvvuSSn0ebwNNQs HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG_OF6N54zCeW4xia3vzLj6y8oTZ6qk6Os8f9FZpa-2XvvuSSn0ebwNNQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eG5XRnA4d2IxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG_OF6N54zCeW4xia3vzLj6y8oTZ6qk6Os8f9FZpa-2XvvuSSn0ebwNNQs

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 141

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7bGuoCZZ0WzIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7bGuoCZZ0WzIA&google_hm=

Request Chain 142

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEhPXB-kBfl_qqUxpDNbfWk&google_cver=1&google_push=AaAOQGHKYMgmTbZMKLJs2GjdLY6yOxSWhAmSh-KZ1BzGmLg57LJWY-vCy8v7FK7nkQqHSQrD-Fo5Vw6kKuI5tp7_XW4KdvzdzX40g28 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHKYMgmTbZMKLJs2GjdLY6yOxSWhAmSh-KZ1BzGmLg57LJWY-vCy8v7FK7nkQqHSQrD-Fo5Vw6kKuI5tp7_XW4KdvzdzX40g28 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 147

https://um.simpli.fi/gp_match?google_gid=CAESEAFldsMmrRUkah6psqm3qnA&google_cver=1&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1N_2KyUs2IBiZwOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0E56D32F0574AC9A9F22672E7841348&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1N_2KyUs2IBiZwOg

Request Chain 149

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPKXToxl7Zy5Yy83qVoM6sQ&google_cver=1&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K12rfDsgodbZAYsknCzpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K12rfDsgodbZAYsknCzpA&google_hm=22Cw6xx-T5uq6HVvk_04U1I

Request Chain 150

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA&google_hm=

Request Chain 152

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDy8iv_9U9VBvsa7ItNS0p8&google_cver=1&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC9WTZYNdzgY-ghkeAeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC9WTZYNdzgY-ghkeAeA

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_lbXfyOjfgLkCa_O9gdIMJUyXO29MISaAlca327RJXacWhtIKp503Pnw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_lbXfyOjfgLkCa_O9gdIMJUyXO29MISaAlca327RJXacWhtIKp503Pnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnpKQW5BRmQxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_lbXfyOjfgLkCa_O9gdIMJUyXO29MISaAlca327RJXacWhtIKp503Pnw

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED4YbqhvgF48k4lnBPdLmGU&google_cver=1&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu75PG2N4-dD2boQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu75PG2N4-dD2boQ

Request Chain 177

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilBiBp1OgTHvX4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilBiBp1OgTHvX4&google_hm=

Request Chain 178

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEODFrnGodc4QAPUDPS3bVNo&google_cver=1&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTCZkyfPCv8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTCZkyfPCv8&google_hm=eS1rcmJfLnpkRTJwSDZUYldIN1hGcVdKdmwwQXI5bUVQOH5B

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEESK5H-EQ_PFPWfavs7tdwY&google_cver=1&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWXZpzP4TFcMumVSn2HKk1gxZM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEESK5H-EQ_PFPWfavs7tdwY&google_cver=1&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWXZpzP4TFcMumVSn2HKk1gxZM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1ODAxNTU3ODUwNjYwNzQ1OQ&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWXZpzP4TFcMumVSn2HKk1gxZM

190 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ezcash.vn/ 270 KB
36 KB 1085ms
782ms Document
text/html 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.8 PleskLin
Resource Hash: 5d4887c9a2b1ae027a71bac214f5ade542449d779f70b03a2c10b2ac2ff13633

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ea45ae3a942665d-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 15:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H47l9OBLKgdrgoye1IyapjtJREPf7k0m8jz96xeeQHYCjuipebcDnBekwCejBMXZf8X9AqfwtoUQP0oGgDFkxqDr9lJwfSN6e6PYdwWm5642yKGRHb6fJRlNPys%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-powered-by: PHP/8.2.8 PleskLin

GET
H2 200 style.min.css
ezcash.vn/wp-includes/css/dist/block-library/ 95 KB
13 KB 1426ms
1421ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:58:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642516ef-17ced"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsdXKxxYFPH%2FNDG%2Fmig0tYoReLO9C79Krc78%2BOZ3GoKhUjAcICqdXV%2B8MACJmhRTNrlVOLOZMWzcZ5xKz3bXOCL9EVc75r3da90PB6eImzR8Zkvne%2FJxKL6BfzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8991c665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 classic-themes.min.css
ezcash.vn/wp-includes/css/ 291 B
504 B 864ms
859ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:58:23 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"123-5f816f13059c0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFi3acnAO9xx2zC%2Fee5W8Dv3w1fAwW%2FceJI1fDP2AbsfCkCoLfNjO2pzfZ6bjzMblHhCdxLmkCyqaUl5W4fklQIdGSf%2FI6T7M5IMslcY3DsMS%2B%2BgSYoH2LXo8OA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89921665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 kk-star-ratings.css
ezcash.vn/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
820 B 920ms
915ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.css?ver=5.4.5
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 35a8d75a1b3f712d7d927c91d878d05110e6db8192c7daf8a825bb8e240ced69

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3093
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 04:56:37 GMT
server: cloudflare
etag: W/"64a79b05-c15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2F9n0SydttD1sKuPHe2G1Jx52ASGL5g8kzzWRyV0O6vS7Ue7Km6Xm6O%2BX%2BUPUJb7KtYyAk4ONbXKNvowR5iMkYcxPYgmmWNASMMaBPmpPojTgeCF3zUy0JfZ%2Bfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89924665d-MAD

GET
H2 200 style.css
ezcash.vn/wp-content/plugins/wpdiscuz/themes/default/ 115 KB
20 KB 1652ms
1648ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=7.6.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2c9f053de25165ac9c67c00ae98011900d6ff1d96b2c21479197021739e1b095

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 04:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"647c19c2-1cc65"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttL30uj0DgLEL7tlOdSa8RSkWYAjrfL3exRsc83FZJfc4YC5fNhpeWI7SsLXU%2F0SkLy%2B%2Bl9bsbehsLKQdnEueCy5uZuxqY%2FEEhzifRmaKetkisOYabDnk11fCf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89925665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa.min.css
ezcash.vn/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/ 11 KB
3 KB 1025ms
1020ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.6.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a588dfe758e06146624931c48d365f8a00d5c259bd2759c538796bf89550eb5f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 04:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"647c19c2-2d55"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5zZ0z9q4rGHED8bEAFHZtxdkN7l%2BPAEn%2FdW0OY01MAaeXr%2BzzFcijsCmJ0OUXoSlFtDVT0ByKxUMP1ll3avO9yPWhkv987ndlzB0o6wXVF%2F8yWxu2uOQuR%2FTi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89926665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 wpdiscuz-combo.min.css
ezcash.vn/wp-content/plugins/wpdiscuz/assets/css/ 36 KB
7 KB 1198ms
1194ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 04:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"647c19c2-9023"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoaRUweK1B%2FZUXq3IGRpGN6T0x9K%2FfwHpssTa4DT5NmbJavkCiEW9pWgOZq%2F%2FpM7GP0rEDm91KH5t6Dt7XcWIX3pL2s2cGDhggO4qxxaR4IAGC3XYkCfSZaFEUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89927665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
ezcash.vn/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
10 KB 1338ms
1334ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7056-10f52"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wascLS5FoQGsNgA98RHZ7pas406%2BWb3XFEA7%2BzuyW9JQ4UYoyZWSdAUVXsbLCaVsHZcd3qP5fbsKkELj2UCWv%2BylflJrolX6eFWOan9Gj%2B8DFuUPRKP2gaaPbhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae89928665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 261ms
91ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

48179bdd30f851393833662e441f13ecba7b8e87bf950270512db5bf5634db41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 15:07:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 15:07:43 GMT

GET
H2 200 tablepress-combined.min.css
ezcash.vn/wp-content/ 6 KB
3 KB 796ms
792ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/tablepress-combined.min.css?ver=28
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 92aeacf7c753ef2d80010916a6b043c746b6e3aecbe2f9d72aced663f38fb679

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jul 2023 04:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a79b3b-18b0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9ct4c6xkDZOSZfoS410BOB13rbMyE0Zjhsu2z4jJT%2FjyLeQOpPpGPCBuZZEd3zVxyhnpBSI1r49NhZVvR034ylNmLrujEPz4Y1gkVWhYNcm2aW7n8nh%2BtfOkP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8992a665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 tablepress-responsive.min.css
ezcash.vn/wp-content/plugins/tablepress-responsive-tables/css/ 9 KB
2 KB 903ms
899ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7020-22aa"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3ypgclHMUqrjcwCcfUYajF1xANkS1bw2LzOvOoPvt6BnMHtuGqaGhQzfpoC6fppiLPkruNX4o8tgOw429ABw3WjjXKFZvWd%2BIkhfZK3FV5zC5tsj6bxxfOppKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8992c665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
ezcash.vn/wp-content/themes/Newspaper/ 152 KB
27 KB 1569ms
1565ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 680394dfe6b74578d2ac7e58594d1d8b8d02d1a7a9a444abe6e08f2ae66bf0b1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:44:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7060-261c3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jClvsZ8ObxDgZ6f76LCpyH%2BJ8KBDrzse0hUwhDSzJ0hKxfxRKcdODAcsH2BCzmyJhd4lgXM0SfqRnNzRGqAVVfTgvtDFwPkIoFl6v81%2BjLoNn6e0S9HxMn4X5IU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8992e665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
ezcash.vn/wp-content/themes/Newspaper-child/ 333 B
544 B 930ms
926ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper-child/style.css?ver=10.3.9.1.1614265619
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a4c0de65ac4cf9c871a4381e7e3299a2d489970e2320f60bd35e561e08be118a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:44:00 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"14d-5f0105634d800"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=labloOdrW4osn%2FzUm4aFmTZcLRKxknQapVuDebtfQgoHeCihPkCBNq%2F0z4Ekix6OqLd0YDuPOJ9eY%2FVZK3%2FnZqUQbBdYAFwuT5bn39%2BGUQO2JhjucJYvV9c6ZAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e992665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.lazyloadxt.spinner.css
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/ 311 B
488 B 941ms
938ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"137-5f17df64cfd40"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEAK3N1Zcyxn6ih1kVzn2WPWccPxRKEFWM%2Fii%2FrsS%2FdbOeJ%2FQsOpmciPvBt1ivPYr7WjVyg3kv3A%2BYtCjvpdWU21rM7GcgmWSEvBo5QuZCiopsqRE56bhC6cbSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e993665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 a3_lazy_load.min.css
ezcash.vn/wp-content/uploads/sass/ 127 B
405 B 943ms
940ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1670729630
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:47:01 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"7f-5f01060feaf40"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg%2By1yu5xBC0MuflcT9vCje2QrFgsq4CT0D3%2FmiCKPVsnsGRABkj8Pvp3Cx9EVDPuoVZc0DJhWXhRI82inBGhOWJDTc4i9k4eOzVCYalBmorFNzydjzysgj8bng%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e995665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 td_legacy_main.css
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 244 KB
35 KB 1942ms
1939ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7020-3cfe4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpLCRQAQvp6NaThFIXeJ61cg6GSg930W3oe7D9%2FPkG33dUdgjCycldZMLRcI3IQ2oDqKmPX%2FrUGQa4TipK47CVtSU9yteM38428dzT3yPxNZboXmpl2P1crJPSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e998665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 td_standard_pack_main.css
ezcash.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 621 KB
52 KB 2057ms
2054ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7056-9b323"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftfzroFrRvXdYx3F7MKZ4uudbnv%2B9wZAyppDdOn%2FQM9stBnk8ss8%2BrQ7CoRDWCJXCACbYtGlnJGzenrpFSyhBwBOpIS65lkMBnn5Mhmnu0J2n9tKgGTDZnbcxpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e999665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 demo_style.css
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/recipes/ 5 KB
1 KB 976ms
973ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/recipes/demo_style.css?ver=10.3.9.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a2d21e2e702c65ffd5637839a05bf37333b1cb5a24a7d008780aa031a7adbe1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e704e-140c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2r7lKtU11uVYokPjAvL80j3a4KLd%2FVaAszB7oj%2BKtj4pwZn2dtQvDTUk8qdN8PeZXAmm9IWIuv3zZThOT%2FwA3k8Ixb3P3Vx8An%2BRaI8JPkrfxJJBZOeQ9wGYas%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e99b665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 tdb_less_front.css
ezcash.vn/wp-content/plugins/td-cloud-library/assets/css/ 106 KB
14 KB 1490ms
1487ms Stylesheet
text/css 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7020-1a97b"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgKM0Zfo2rc006F%2BQl0faz70h%2Fyof17Ha2mXu%2BD9NOJzdHbHcLSlNHVtuOnEhZoHQXSkXTp8rmRf0sPZgLLpSR970U7fjg3EGZ2ojKiPvQnGq9n%2FlkPYFZC28Zo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ea45ae8e99e665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ezcash.vn/wp-includes/js/jquery/ 88 KB
32 KB 1391ms
1388ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:58:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642516ef-15ed7"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJb571kdmLEyMGiJbUXvk2KHZ3sAKFQAzeH8WMMeefBXi1eGhc3Z5j7z25fAMJNkYfoWHxN7dbUx4jnMALRn3nYJKwam1pzosIFvle9VjqToFahCf9S6Y9O%2FOdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45ae8e9a1665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
ezcash.vn/wp-includes/js/jquery/ 13 KB
5 KB 1084ms
1082ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:58:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642516ef-3470"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aajQCIM62SsHyS7VNTJpe7172Ii4iGoeh%2BrONP0C29mjBhed3ypUPx3x1Sj6jm5%2B5dsmkBwG1zWoQxSKFbxlk56uB6Igz54jHenxf3b%2Bqi8j%2FLCAHLQBF36s34A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45ae8e9a3665d-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 260ms
92ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162917087-1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9bb1746f67e09bc6b502df7359612cbacbf221e4a3b34bdfe500bd6e439ff75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65923
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 15:07:45 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ezcash.vn/wp-includes/js/ 18 KB
5 KB 1120ms
1116ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642516f0-4904"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsv0pAfk2cTUngI4UQS5DTD%2BbvDAfT1CRjHqoL3u6FDKPZlJl8DBNPUgK%2BjbA5is4MDr1JbsHKI3w1O2Hb4Mwdy1CQMacmgzknp32cHoVnTTpuABjQr9CPWz7OE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fecbff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 logo_500x150.png
ezcash.vn/wp-content/uploads/2020/04/ 8 KB
9 KB 783ms
779ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/04/logo_500x150.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8804a66490d927d2453d07427a70c6012c305c05cfde5c5c45b417dfa5e8b6f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 8676
last-modified: Sun, 18 Dec 2022 01:44:04 GMT
server: cloudflare
etag: "639e7064-21e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg%2BDdYayKnaJIc2oaR8ZN5J2QoOJIAycrOyXjSzogAqZF%2F7SG5HK0Fp0%2BMjjNe8ITxv%2Fs88M6Uf20o3nFKmTFP1Dw%2FQNHLkpx%2BcZiHIGO6xZ1L8Zll%2Fs8kD2L5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5feccff28-MAD
priority: u=3,i

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 315ms
142ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

40b1e08090f6b44af52d116148d5c601cff1f648bd7330c09dfe91601f2d9f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50968
x-xss-protection: 0
server: cafe
etag: 11926139821159594436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:45 GMT

GET
H3 200 111-01.png
ezcash.vn/wp-content/uploads/2020/04/ 16 KB
16 KB 1002ms
998ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/04/111-01.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 86c218553e6e90c6d7cf89c5f7305ae7b7366f8733fc532bed816e6a89aa5565

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 15993
last-modified: Sun, 18 Dec 2022 01:44:02 GMT
server: cloudflare
etag: "639e7062-3e79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE4R3mhq2g06ttuCBdMs9%2FO1rVMGrympqaw25pVGtWSaPOfXcrH4klUl%2FpnUkwhlA4lA%2BECAhnvfNQvhR73YqMThCZ0Sx9HML1n%2FrW4PQrjgyc14vRBhoSo6aBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5feceff28-MAD
priority: u=3,i

GET
H3 200 lazy_placeholder.gif
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
532 B 877ms
873ms Image
image/gif 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 42
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
x-accel-version: 0.01
server: cloudflare
etag: "2a-5f17df64cfd40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A578H%2BduGdjqgow2ZBcH46hXqZHpGf%2B07ucAb5JLmIs4gwwS4eMHqSzX%2BxWMDzJh4fiv4wOC3jSDuheC8OqsFtwaLow3OCjFIQA0GAw%2FmJWeJgle9Uhrz5wS14k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fecfff28-MAD
priority: u=3,i

GET
H3 200 yy-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 13 KB
14 KB 1072ms
1069ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/yy-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c76a36cff815e71d0f48fed00a1f66c283ca9786e6cc992bb505d32d0772a55e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 13395
last-modified: Fri, 21 Jul 2023 10:13:04 GMT
server: cloudflare
etag: "64ba5a30-3453"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gupZUMid0EoYwHYuKrdbuUOXuq7wYmr0KjvznR%2BZ1CgJxFzIZ5LH49%2Fy3V1waJ4YfF0IsXAz2UKzOqRP8SqNDwqX3CqEM4AWyxoJ6Vo%2BXPaldfbiWaPvR4qZ%2F9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed1ff28-MAD
priority: u=3,i

GET
H3 200 Dia-chi-cam-o-to-uy-tin-nen-biet-tai-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 17 KB
17 KB 1120ms
1116ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Dia-chi-cam-o-to-uy-tin-nen-biet-tai-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e9c7994e07ccb531150d024dc4fd7865c724bb78b95c2e0f25eb754b58edd1b4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 17238
last-modified: Fri, 21 Jul 2023 10:10:57 GMT
server: cloudflare
etag: "64ba59b1-4356"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5EK64UeN8sd8ytBKnWQ7eaDbsZkbNEKZkD3OaQ8oOcGWT5DlUULFSCXhxOCQNsPpX5OytvDCnoxVc%2BJNOrtnRDLaXulWS%2FtQTcmsQo42085%2BwOELflMkU5NYQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed2ff28-MAD
priority: u=3,i

GET
H3 200 1689932161_tt-1-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 25 KB
26 KB 1148ms
1144ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/1689932161_tt-1-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f33d0cec533740488f73fb4041b19bbf6b84351924c687611e6dfc6f81776fd3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 26084
last-modified: Fri, 21 Jul 2023 09:36:01 GMT
server: cloudflare
etag: "64ba5181-65e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsrZCh01IehC63siQwAD%2FLsW7Q6vJky1Y7KnGsBm4wDWmUOP7hDt39eQslOHtnahu3D14Y%2BGXzTUWFM2c4CR2v26kb65QaJcZ3nbSI5rL8P2ga1DP0QEKYlNhug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed3ff28-MAD
priority: u=3,i

GET
H3 200 nb-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 11 KB
11 KB 953ms
949ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/nb-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7f156825189a7982bfbcec4ae7aa77f62f14a00ebda9daf202da3340a5f544ea

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 10913
last-modified: Fri, 21 Jul 2023 09:02:57 GMT
server: cloudflare
etag: "64ba49c1-2aa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5918DqHVWFUdPSwyHwhTeV8pVSh1wI6uZKd2vAnk5ctXNBMkWAVxXlvvPmCjay33Rpn52LMwNPlOYSYelxh0IbegGOK9EW0fCo0Ivnr79vQceScOqQdjWDuyyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed4ff28-MAD
priority: u=3,i

GET
H3 200 Swissmes-Lua-dao-hay-Danh-tieng-Toi-co-nen-tham-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 7 KB
8 KB 914ms
910ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Swissmes-Lua-dao-hay-Danh-tieng-Toi-co-nen-tham-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb48ffe86f04c411582f908d9ab9cce60bd25873fdebdee118adf1613fa6c084

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 7372
last-modified: Thu, 20 Jul 2023 10:10:11 GMT
server: cloudflare
etag: "64b90803-1ccc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsqNhereWt%2FXL71cUrGSSUIlUr64%2BMCbG%2FMFdA13%2B10Ns6W0Dsp3kZ99izr8UcwUVgRm5%2BPeLAKf883xLM%2FMulb0mW0F%2FNalUYor7kq3sBZvZ55SgHfYZSpMghI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed5ff28-MAD
priority: u=3,i

GET
H3 200 Cong-ty-tai-chinh-SHB-Finance-la-gi-Co-uy-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 19 KB
20 KB 1120ms
1116ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Cong-ty-tai-chinh-SHB-Finance-la-gi-Co-uy-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 161c9820506c1ceedee1aea2b8c7767227411b1be5a78a5d5a0f28237dc07991

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 19705
last-modified: Thu, 20 Jul 2023 08:40:41 GMT
server: cloudflare
etag: "64b8f309-4cf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSpZmUyZBETVm6WlGcIn4uNsBVSc9XYZfx3Zmme1XuqdrS2VX%2FBadgDyJjQCf5K8x8SroIR21JrIgBy%2FWv%2BgWZw8We6oZeKGPIvjN61P%2BYZiC0lFTYCN%2BezxCmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed6ff28-MAD
priority: u=3,i

GET
H3 200 Loi-quen-mang-khong-co-dang-ky-xe-phat-bao-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 21 KB
22 KB 1060ms
1056ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Loi-quen-mang-khong-co-dang-ky-xe-phat-bao-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 246ca4395058568b16777af223cb5881a3307e93d3349cb243ef3a77893ad748

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 21860
last-modified: Thu, 20 Jul 2023 08:33:49 GMT
server: cloudflare
etag: "64b8f16d-5564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvDJB4WoH7psNGJK2u%2BhFsT6h91c93b4eBkr%2FEojKmgEsTvyppm0T%2Bdo7ulxafJln8Y%2Fhk3MSd1TSF741eZVmoHdYXwpLWarD%2F1xJpI%2F1it4hbYYp99DKRU9xgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed7ff28-MAD
priority: u=3,i

GET
H3 200 Cach-kiem-tien-online-tai-nha-hieu-qua-va-nhung-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 24 KB
24 KB 1061ms
1057ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Cach-kiem-tien-online-tai-nha-hieu-qua-va-nhung-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d7403e3b7073f19fd97f2cb8d4de270e5387aedfee52ab6c5def09853e37c29

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 24127
last-modified: Thu, 20 Jul 2023 08:16:56 GMT
server: cloudflare
etag: "64b8ed78-5e3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XxqdzWFmEd9wIZExNOONf4XqDg%2FQohJ1qaIZyqiXdo3dASvtD3uzGfUTgHQC8lFuPsl9COWSXME5mcAcFEthFaz6YswUHoJhQL0SWEthDAgTnSsMahjGVQ5OGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed8ff28-MAD
priority: u=3,i

GET
H3 200 img_61b84b285cdc5-324x160.png
ezcash.vn/wp-content/uploads/2023/07/ 41 KB
42 KB 1178ms
1174ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/img_61b84b285cdc5-324x160.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0ef98704d53f8ae4f12faf687f69f460b7168d8d87cd273d5d0e206e05566ce1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 42432
last-modified: Wed, 19 Jul 2023 10:12:10 GMT
server: cloudflare
etag: "64b7b6fa-a5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrg8m3rugc2zItcExdEp8fIFTat8EFQgFBB3zm3ZnRqYgo07F6L2RUW9RiGBkY1jZfoP53EsSsakWcXLMOTNHWEVmhiCw7bEb%2BvfCx9R42Q0EzQvOhNn1yqai3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fed9ff28-MAD
priority: u=3,i

GET
H3 200 Su-that-dang-sau-cau-chuyen-Bostonmex-lua-dao-nha-324x160.jpg
ezcash.vn/wp-content/uploads/2023/07/ 13 KB
13 KB 1012ms
1008ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Su-that-dang-sau-cau-chuyen-Bostonmex-lua-dao-nha-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ff5c735ad94edde73289e219b44b8408c2c21ddf7dae3209604b1e392192b8b7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 13264
last-modified: Wed, 19 Jul 2023 10:08:55 GMT
server: cloudflare
etag: "64b7b637-33d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1RkFHHglZAK7FIN0n32XHEcrlPUgEsV8r911y2wV5NLRUhJXaSh0fxLNTxZJpPmqeKnZ6QLkdWdRXRKMXftzuz2tnSfXCFBcK6px4DoAayJ97HDRKUfolMz9u4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af5fedaff28-MAD
priority: u=3,i

GET
H2 200 DMCA_logo-grn-btn120w.png
images.dmca.com/Badges/ 4 KB
5 KB 66ms
62ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/DMCA_logo-grn-btn120w.png?ID=d08aa2e2-e313-4974-b8df-3a570d7741fd
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
last-modified: Thu, 22 Apr 2010 19:55:29 GMT
server: Microsoft-IIS/10.0
etag: "8eaf64c255e2ca1:0"
x-powered-by: ASP.NET
x-hw: 1689952064.cds228.ma1.hn,1689952064.cds034.ma1.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCA_logo-grn-btn120w.png>; rel="canonical"
content-length: 4534

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
671 B 185ms
65ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:44 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1689952064.cds228.ma1.hn,1689952064.cds203.ma1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H3 200 kk-star-ratings.js Show response
ezcash.vn/wp-content/plugins/kk-star-ratings/src/core/public/js/ 2 KB
1 KB 811ms
810ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.js?ver=5.4.5
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2f599815bf77ea873706c7a7d098011481682777678b9a043c39ded205e38b77

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 07 Jul 2023 04:56:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a79b05-9c0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gXf0oR7pGoO%2FFROKdim526LQ6CWrBFnpaYW1SpUBwtY%2FYdClnbHQy%2BY1TN9WhM%2F2q2NwlsJKoa88D104lObzMJgL9q%2F7R%2B2X0JmiIwTW2Co7YYjr9RA1r8d51I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5ae97ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 wpdiscuz-combo.min.js Show response
ezcash.vn/wp-content/plugins/wpdiscuz/assets/js/ 308 KB
70 KB 1653ms
1642ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.6.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e63fe244b46d6502101443cb301af1a28c485eba1c8fff9c3c0b1d5b4f653c20

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 04:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"647c19c2-4d079"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6psQNFycj95u13c1Zv71kzlmsJqOrqN3rTr1EZQzh%2F2gEfQfFFQO1zR9HOlBE5Qb2iibcAS3BqwMGc70KGWzI37ylMKAShFE5Ca8MLpv%2BWcE0OdJ11nPEOyVRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5febdff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 underscore.min.js Show response
ezcash.vn/wp-includes/js/ 18 KB
8 KB 1021ms
1010ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:47:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7121-4991"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sHLVu1JIoBQNt9TzKaCI%2F93lBK%2F7mvVMxIcxpSpIgmfGifuFCKX67uwjBV3IqpDWdBj0IK0GJ13gV1v5ZSJf%2F%2F2OTbTdAjiUNzZkT%2FIuODgsONAWC8YKuFYTXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5febfff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 js_posts_autoload.min.js Show response
ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 851ms
839ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7020-13fa"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBL20BOH2CmVRVPsYKjD5nT5J5B8YvfdalroVkEbxoKjVMue1nKxQkg9zuVUt8HQ2ou8Qwnc9Tp%2FkcQPZKLw8%2FTmoUzy09hGMDicn5CXGZdZKy4AqvlQmljaqDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec1ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 tagdiv_theme.min.js Show response
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
59 KB 1758ms
1746ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7056-3f512"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Bq1PIwiWIwXMEfBol7eo0ZSmn12oGHtqmRnLPBZuk06t8GsgwvnjuN0uFlaa2Od6lGdFcIzV2JTPEGNJ29cT535PsH8enByxQ%2B41ArRwFcznVIBw9%2BIaqeCIiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec2ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 comment-reply.min.js Show response
ezcash.vn/wp-includes/js/ 3 KB
2 KB 851ms
839ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:47:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e711d-ba5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QihM4jdkRbTH03K4r%2FpwHBNcjPfJVPWTrnPIQTIOR1TMCVTPbHvowGMzf%2BHMDqmP2tuod0aixndh%2BHH5bZiY3zH%2F54C6QdY9sCuEQ60IMa5qXRwVYZjB%2BvykckU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec4ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 jquery.lazyloadxt.extra.min.js Show response
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 774ms
763ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63b6668d-bc7"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og0Uc2xrp7PPPwCqw7xnxIW9aWUKxMApxYi87X52cGmy2SZrM%2FVABv0kGRDymKSEvzShGKFne%2FLQd5gQ6uoU8YVl2YctnZI0ovNvP4m4HQb4MhpH%2FRvqutuDyNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec7ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 jquery.lazyloadxt.srcset.min.js Show response
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
1 KB 844ms
840ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63b6668d-625"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaiqFcDWPfoUYc9%2BC6TZKaQqsvh%2BBoe3nY5w6CSNCa7ByHwVMU%2FU2NkMo6BYL1MTMAXu%2BqxdTvB7RZjjfGs7YnVtNq1X%2F%2FWEW1jy%2FDlq9HME5GE1wYLQtx6D2Kg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec8ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 jquery.lazyloadxt.extend.js Show response
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
838 B 845ms
840ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63b6668d-415"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb1MlGE%2FhPDNFQWbbiejwdbGBEWJpJjmd0MGQGd%2BWq0gImxhpzA2hA2T2eedlht3KYFwpnP%2BQw%2FBm2bI6wgS%2FKyiWGL1GPLILsuMWCkEHAzV7fEhr662qtDHvOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fec9ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 js_files_for_front.min.js Show response
ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
8 KB 1121ms
1117ms Script
application/javascript 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639e7020-8387"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARd5rVvpLIIEWMiIk%2FyrVpPHzDHbEsJXm5MZ2OVpwD8JGfVBUxa2qRGWjE%2BatAuNqH58y8CMRzEeyfa2Ez1dLW8f99Fp7WjgH3w03r6ZxBH6KMw%2FbPJPZgnzqnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ea45af5fecaff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H2 200 v2cb3a2ab87c5498db5ce7e6608cf55231689030342039 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 238ms
141ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer: https://ezcash.vn/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ea45af68ad54893-LIS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
63 KB 347ms
180ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV3BM7C

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

926fd3ceaa460beb0ad878001831b7ede71b7163002e35ac16877f66b4d1e060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 15:07:45 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 newspaper.woff
ezcash.vn/wp-content/themes/Newspaper/images/icons/ 123 KB
123 KB 1340ms
1338ms Font
font/woff 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=6.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Referer: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=6.2.2
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 125620
last-modified: Sun, 18 Dec 2022 01:43:59 GMT
server: cloudflare
etag: "639e705f-1eab4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMbV5e4epyOEXdRB1jWvA3oiEt1VDuOluDpGWCBuLjDgWR7%2BUfGoQv4adLFAOwatd%2Bz%2BTfH%2FB9CfKI8%2FT6GG%2F0e%2FxLTqRwdW8eyWZySwM0XOYFgm3N1QRgDtm%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af60ee1ff28-MAD
priority: u=0,i=?0

GET
H3 200 newspaper-icons.woff
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
6 KB 808ms
806ms Font
font/woff 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 5956
last-modified: Sun, 18 Dec 2022 01:42:56 GMT
server: cloudflare
etag: "639e7020-1744"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HO6iauFjZfDrhxWr%2BiwfLf1DUbA6g6Hqb01TykASiBG5c5aYziCsRIXV%2FnPMaTBNfGJsGuAxnTpGr7B1G1kHFthVosz0oGOyW7VuZgC8ExRaWJ9WHLmy2lRc4SU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af60ee2ff28-MAD
priority: u=0,i=?0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 329ms
158ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 552137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 05:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 252ms
81ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:46:26 GMT
x-content-type-options: nosniff
age: 80479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:46:26 GMT

GET
H2 200 ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2
fonts.gstatic.com/s/notoserif/v22/ 14 KB
14 KB 403ms
253ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v22/ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

1526d0045855576edceeed3f08f6dc2c1b85d8903e2e61fe501b7d9ebfbb0783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 06:16:53 GMT
x-content-type-options: nosniff
age: 550252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14564
x-xss-protection: 0
last-modified: Tue, 30 May 2023 21:17:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 06:16:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 273ms
130ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 22:23:32 GMT
x-content-type-options: nosniff
age: 319453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 22:23:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 390ms
248ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:46:30 GMT
x-content-type-options: nosniff
age: 80475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:46:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 383ms
241ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 18:09:52 GMT
x-content-type-options: nosniff
age: 334673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 18:09:52 GMT

GET
H3 200 backend-la-gi-696x392.png
ezcash.vn/wp-content/uploads/2023/07/ 89 KB
90 KB 1350ms
1350ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/backend-la-gi-696x392.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a5088c906fc6f97975e6815dfac905b43bd48f1b7fa6015e821dff00713ee7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 91260
last-modified: Wed, 19 Jul 2023 09:44:57 GMT
server: cloudflare
etag: "64b7b099-1647c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzBOYU6%2FRyvdxiw3FsE5dz7N%2BsZEKxbhxehOr5%2BXjrcQiaWUw8AwejdpBDEPqdAYl%2FLkcE3xf8dD96kIrR5ecqpNaL0l4tERTxo%2FtwL1tsr66lglaiFVfgeDvfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af65f0bff28-MAD
priority: u=3,i

GET
H3 200 1689500438_256_Bat-mi-cach-vay-tien-nhanh-khong-can-the-chap.png
ezcash.vn/wp-content/uploads/2023/07/ 205 KB
205 KB 1296ms
1295ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/1689500438_256_Bat-mi-cach-vay-tien-nhanh-khong-can-the-chap.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d0f07516c4f88817a73f73226111077a28c8478c7e4d5acdc725f41351bccb62

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 209789
last-modified: Sun, 16 Jul 2023 09:40:38 GMT
server: cloudflare
etag: "64b3bb16-3337d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxLwtwcF2bfbEnf1ooNu2eoE7v6Q%2FzNgIlhanox3B18dJNOaMfdY%2Br%2BzGbVPRUh1Nj2twLMXG0HsaTjHZYQowLRFkDCc66Yn5vSaBoY%2F7mxu2QNu%2F8Kxa0xZl7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af65f0cff28-MAD
priority: u=3,i

GET
H3 200 Qua-chuong-trinh-VIB-da-thanh-cong-khi-truyen-tai-thong-diep-la-mot-trong-nhung-ngan-hang-Dan-dau-xu-the-the-324x320.jpg
ezcash.vn/wp-content/uploads/2023/07/ 36 KB
37 KB 1052ms
1052ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/Qua-chuong-trinh-VIB-da-thanh-cong-khi-truyen-tai-thong-diep-la-mot-trong-nhung-ngan-hang-Dan-dau-xu-the-the-324x320.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 519b4187e0bf5f62ebba579eb65de16c0c9d504063d2ce62e7b5a20768a40866

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 37320
last-modified: Thu, 13 Jul 2023 09:39:00 GMT
server: cloudflare
etag: "64afc634-91c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjeF2BeDIeyNgXjJ%2Fpv2SW1GPrMZCs%2BmsPhH4NA1pC3QNgEgem%2BlO3abrRqBp%2FoKc0iVusIoEi8%2BPm%2FGwlfTAna147cDRJilhQlceHQlA%2FvaDgQG8idVWgH1V3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af65f0eff28-MAD
priority: u=3,i

GET
H3 200 xuong_the_gioi_ao_thun-324x400.jpg
ezcash.vn/wp-content/uploads/2023/07/ 34 KB
35 KB 1078ms
1078ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2023/07/xuong_the_gioi_ao_thun-324x400.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3b613523709a7590e9f116baa884b24b913ca728805f9ec009c09cd167bb874d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 35206
last-modified: Wed, 12 Jul 2023 09:17:55 GMT
server: cloudflare
etag: "64ae6fc3-8986"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQFvoVInjjim1atsFi6UyQMwZg7mjx8tASFqRMXYCue3OxnrjRgfF7vDzAqj6X06GrJMIwvVmC3EIAB8m%2BGER%2Fkd4rfbhJtp9utolWsKyQE%2BcCF2PENqrkCF7lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af65f0fff28-MAD
priority: u=3,i

GET
H3 200 loading.gif
ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 865ms
864ms Image
image/gif 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 1690
last-modified: Thu, 05 Jan 2023 05:56:29 GMT
server: cloudflare
etag: "63b6668d-69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t3XK%2BymztbuD7vbqrhWzYnQdTuGR45XxJpLl4VBPPNXyhYJl2PYOxEsUtVs43SdlRh%2B3U08LSuN50mwRs9ZbZSuE%2F8uoETk5kk0P%2FqxFWl0dz6PZEGRqzDPVMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45af66f10ff28-MAD
priority: u=3,i

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 330ms
219ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 250891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 17:26:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 230ms
123ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 06:06:18 GMT
x-content-type-options: nosniff
age: 291687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 06:06:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 253ms
147ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:39:22 GMT
x-content-type-options: nosniff
age: 559703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:39:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 342ms
246ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 18:23:15 GMT
x-content-type-options: nosniff
age: 506670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 18:23:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 348ms
252ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:20:05 GMT
x-content-type-options: nosniff
age: 31660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 06:20:05 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 16 KB
16 KB 353ms
258ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

ebb74f52d595b97010ee3601e1ed536cccc19ee8ceb78fade65507a34f87c53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:14:42 GMT
x-content-type-options: nosniff
age: 561183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16524
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:14:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 34 KB
34 KB 321ms
225ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:47:35 GMT
x-content-type-options: nosniff
age: 516010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35184
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:47:35 GMT

GET
H2 200 ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTyMcKtq8.woff2
fonts.gstatic.com/s/notoserif/v22/ 5 KB
5 KB 344ms
250ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v22/ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTyMcKtq8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

0d52a14c53655c602af6a0cd92c82fb4a239ecb065f95797046d108da6025d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:38:45 GMT
x-content-type-options: nosniff
age: 203340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5292
x-xss-protection: 0
last-modified: Tue, 30 May 2023 21:24:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:38:45 GMT

GET
H2 200 ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTyccKtq8.woff2
fonts.gstatic.com/s/notoserif/v22/ 43 KB
43 KB 293ms
200ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v22/ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTyccKtq8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8941fd5e42ee92f4b832997fefdc875d538d5c0267a7488f2ba35780e5b75016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ezcash.vn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 06:07:40 GMT
x-content-type-options: nosniff
age: 550805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43888
x-xss-protection: 0
last-modified: Tue, 30 May 2023 21:15:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 06:07:40 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 357 KB
123 KB 153ms
152ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1828578781656677&plah=ezcash.vn&bust=31076208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

84a3270e659bcd3932cf1294607a971b71d12d7d8a27e101bd5a9b4789cb448f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125726
x-xss-protection: 0
server: cafe
etag: 8069082471642459980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 8AE2 10 KB
5 KB 245ms
79ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 8422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 12:47:23 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 12:47:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 94ms
93ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N0PLB72BPZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162917087-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

039fd0d6f02af680d8734d282b070ba33c4f41388a415e77ec48ee8e30b29e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 15:07:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 238ms
77ms Script
text/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162917087-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 14:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1946
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jul 2023 16:35:19 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 203ms
74ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N0PLB72BPZ&gtm=45je37j0&_p=10922184&_gaz=1&cid=1093599422.1689952066&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1689952065&sct=1&seg=0&dl=https%3A%2F%2Fezcash.vn%2F&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20ti%E1%BB%81n%20m%E1%BA%B7t%20d%E1%BB%85%20d%C3%A0ng%20-%20EzCash.vn&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0PLB72BPZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 231ms
83ms Ping
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N0PLB72BPZ&cid=1093599422.1689952066&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N0PLB72BPZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pt/ads/ 42 B
408 B 285ms
104ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N0PLB72BPZ&cid=1093599422.1689952066&gtm=45je37j0&aip=1&z=1726229582

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 258ms
88ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ezcash.vn&callback=_gfp_s_&client=ca-pub-1828578781656677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1828578781656677&plah=ezcash.vn&bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0e0fb4f180901a69970f247ed9260e73561df4c89684ed58205b0d81f6956122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 264ms
94ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3996 436 B
433 B 581ms
580ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1689952065&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952065354&bpp=3&bdt=2569&idt=258&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&correlator=3657160247113&frm=20&pv=2&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pg2IYRBZEE&p=https%3A//ezcash.vn&dtd=275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9426cf2e9ba1c0c19dbc9f5379a630e73cb37d8a2085747f7986ac953bccc62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:46 GMT
expires: Fri, 21 Jul 2023 15:07:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1503 436 B
381 B 716ms
715ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3158972657&adf=2806652664&w=300&lmt=1689952065&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952065357&bpp=1&bdt=2573&idt=278&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZwFlMsDnsi&p=https%3A//ezcash.vn&dtd=284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eed1a2dae09faab54a4847b1543e2a2915c1e6feb15b6507fc0d02a1034ba514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:46 GMT
expires: Fri, 21 Jul 2023 15:07:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 84ms
83ms XHR
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=10922184&t=pageview&_s=1&dl=https%3A%2F%2Fezcash.vn%2F&ul=en-us&de=UTF-8&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20ti%E1%BB%81n%20m%E1%BA%B7t%20d%E1%BB%85%20d%C3%A0ng%20-%20EzCash.vn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1186475268&gjid=1746189813&cid=1093599422.1689952066&tid=UA-162917087-1&_gid=1481813865.1689952066&_r=1&gtm=457e37j0&jsscut=1&z=791439378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezcash.vn/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 78ms
78ms XHR
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-162917087-1&cid=1093599422.1689952066&jid=1186475268&gjid=1746189813&_gid=1481813865.1689952066&_u=YADAAUAAAAAAACAAI~&z=1580614624

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

d1c87d61697d144d62a45e704e89fff10ac0a6c448a0982f05b8a105e3968333

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezcash.vn/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Jul 2023 15:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 275ms
105ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162917087-1&cid=1093599422.1689952066&jid=1186475268&_u=YADAAUAAAAAAACAAI~&z=1095943918

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pt/ads/ 42 B
107 B 104ms
103ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pt/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162917087-1&cid=1093599422.1689952066&jid=1186475268&_u=YADAAUAAAAAAACAAI~&z=1095943918

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 91ms
90ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D52B 325 KB
78 KB 791ms
790ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1689952066&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fezcash.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952066706&bpp=1&bdt=3922&idt=2&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250&nras=1&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

891b91e28ee0db2a37fb0a1bc3272773efd7e7fed9e0f126642f3c6baa8a2cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:47 GMT
expires: Fri, 21 Jul 2023 15:07:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

invisible.js Show response
ezcash.vn/cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/ Frame 1D58
Redirect Chain

https://ezcash.vn/cdn-cgi/challenge-platform/scripts/invisible.js
https://ezcash.vn/cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/invisible.js

7 KB
4 KB

68ms
68ms

Script
application/javascript

104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ezcash.vn/cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/invisible.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Server

104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46fff3d98034e07899f3d2f2aaec52ca07c7aa88de5ca41e87af0d6d97d30099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQHw27Wd2PmX6uAcc4T%2BzuRG%2FaOnWcleX%2Fe293hZLqMlW3DUNtxzlAYdYA4DPqhZYwka6o5Oh8RtcPE3ivwqmMOw28gLeCd%2BlZLwQzpdH5XFQLz6toYQRf67c%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ea45b01be10ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Fri, 21 Jul 2023 15:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1BzUxStZH4eTR64ANKR%2BI01eGm3U%2FeuzCKwDutUmiPuJ60K2PoWrTRvOhIQyHOpFovIRHS9IB%2Bbh%2B0BEjIp4uf9u20xnP0FbXtu%2B1y%2F4if7uhwJJiKFRZgBTdk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/e6489737/invisible.js
cache-control: max-age=300, public
cf-ray: 7ea45b014dd2ff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 logo-Manulife-400x265.jpg
ezcash.vn/wp-content/uploads/2020/11/ 15 KB
16 KB 520ms
519ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/logo-Manulife-400x265.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5234d0ab53e6bdbed873a394ea62336a452ef5c727327010295fca5f22c873f2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 15559
last-modified: Sun, 18 Dec 2022 01:44:53 GMT
server: cloudflare
etag: "639e7095-3cc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzhkPG6w2lsQ7fJGlvC%2FycdM1fj94jXPFWqByvEaz6u3eLyunVit38kWAJqWpmUo15w0mTJdG%2BvVrq9cQ43Bz0f7dFEX5pCzUgRoCP2M5OVwpw6JTTEjFraFOJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae01ff28-MAD
priority: u=3,i

GET
H3 200 vay-nhanh-uu-dai-lai-suat-400x148.jpg
ezcash.vn/wp-content/uploads/2020/04/ 18 KB
18 KB 344ms
342ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/04/vay-nhanh-uu-dai-lai-suat-400x148.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6165c9069cbd887d464c8c628e554f88b6f2e39408ae1897098d70d8b4235b69

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 17943
last-modified: Sun, 18 Dec 2022 01:44:05 GMT
server: cloudflare
etag: "639e7065-4617"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzT%2BcZHTUnoBoMZMnJ78S8%2FtO7ZiS613lZxxewTItO8mST8is06fBLVPKeRqVjcZ8LAj5y%2BzwhQ%2F69s4t6N4XlX16eAw5lYEa0j8CXkGPtkrM3kPcfD0HAF1xag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae04ff28-MAD
priority: u=3,i

GET
H3 200 the-hoi-vien-bong-sen-vang-400x259.jpg
ezcash.vn/wp-content/uploads/2020/10/ 20 KB
20 KB 1049ms
1047ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/10/the-hoi-vien-bong-sen-vang-400x259.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a77089939cd9806cbb96dc6d5986e2db2fe8892a4f207e3e78fa93b67508fef4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 20272
last-modified: Sun, 18 Dec 2022 01:44:30 GMT
server: cloudflare
etag: "639e707e-4f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnAVOlew7vzxnYCLPht8Kl%2FWTJ4SHLE2WdsFndC7O57aCoMQQJqyzNiZoSPUSttiOxrqzXg8zK8Pnglx4fkiaODaTMJlL7mdRqxzMWFH4GvP5lwjEZXJy319mkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae05ff28-MAD
priority: u=3,i

GET
H3 200 vay-tien-online-tren-app-mbbank-400x225.png
ezcash.vn/wp-content/uploads/2020/10/ 57 KB
57 KB 734ms
732ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/10/vay-tien-online-tren-app-mbbank-400x225.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bb2eee7604f3f0b5dc55018626557adccda61c7a98732f1649df6b095838fc36

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 58003
last-modified: Sun, 18 Dec 2022 01:44:30 GMT
server: cloudflare
etag: "639e707e-e293"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJ6UmFw4%2FipyYijvz%2B%2F%2FaUqmjqizFOcUDZjKkayrD7njxjuvb4X52RvkyUBNsAE27Rof1NoVJDwWTGsjmzfHct%2FHKW4sXi86X%2BK3DilxY3p0opeysizJtYanYZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae07ff28-MAD
priority: u=3,i

GET
H3 200 Tra-cuu-CMND-218x150.jpg
ezcash.vn/wp-content/uploads/2021/02/ 6 KB
7 KB 910ms
908ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/02/Tra-cuu-CMND-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4531fda02acff2e3d2a89e953dcc6c90a1a5c1ed5ad8da9b8e853542bb256d7d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 6331
last-modified: Sun, 18 Dec 2022 01:45:22 GMT
server: cloudflare
etag: "639e70b2-18bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ1ikHA6MgZSsz1UtW%2BiPDXX%2FGAu1RyqPt%2FtBHCJsZkP8v9WQsUtnLQn1siF%2F3R6gc4BGijRFfgyZT%2FBOSz39r8qcBFTY7E%2BqZbtZ%2BksQg0phitADQT4EoJOKa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae08ff28-MAD
priority: u=3,i

GET
H3 200 vib-la-ngan-hang-gi-1-218x150.jpg
ezcash.vn/wp-content/uploads/2022/10/ 10 KB
10 KB 798ms
796ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2022/10/vib-la-ngan-hang-gi-1-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9418a19c7e3a746f92c4d7abd451120e52360d1baa7ed0b15c26050e48682c69

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 9896
last-modified: Sun, 18 Dec 2022 01:46:51 GMT
server: cloudflare
etag: "639e710b-26a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOz1wZbZwZb3le%2FlEbaO4iPPwiy3pX0rIqRQQmLdqhg3S7aVjAauKUXEEGM%2BaH0EaBWf7TcFrrZO0SlpdqdAfbnQk7n5AElSAwvSpYkBIFDM1Z2k45jLrG0teTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae09ff28-MAD
priority: u=3,i

GET
H3 200 nhan-vien-tin-dung-ngan-hang-1-218x150.jpg
ezcash.vn/wp-content/uploads/2022/07/ 7 KB
8 KB 741ms
739ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2022/07/nhan-vien-tin-dung-ngan-hang-1-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 423fcf85a5abf4a9e0bfd3bf198ef9bf597fd67824124f23823de1ad2b4e70f4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 7393
last-modified: Sun, 18 Dec 2022 01:46:40 GMT
server: cloudflare
etag: "639e7100-1ce1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr5n0UxcJ0mpVDBmTriaZ09FNGjWgMpCczuON9stieGDeD%2BJzopM9umMy4LzTmGgE1PBXhWO0txme8BkS%2BWMhzh7ODvVO8%2BZjW3CC8edZ9ymgKTze%2BnnX8MlaRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae0aff28-MAD
priority: u=3,i

GET
H3 200 may-pos-ngan-hang-nao-phi-thap-1-218x150.png
ezcash.vn/wp-content/uploads/2022/06/ 28 KB
28 KB 1017ms
1015ms Image
image/png 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2022/06/may-pos-ngan-hang-nao-phi-thap-1-218x150.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bfe872d3e8bc20b801daf2d8eea922aa4e5ef6368205e9df54b03830f5a30e6b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 28617
last-modified: Sun, 18 Dec 2022 01:46:35 GMT
server: cloudflare
etag: "639e70fb-6fc9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlaoq3ZlJfBnuZ8FcUO402XO9JpufZsEEROYnLsACARNkEq0zU5lMkrgkLtqLlK3yHH8sJ1hRPyvEQbOM%2BKCbXIlrdnt9RxpXSYrxp%2FH8CIYuZgrn5x6YdRBcL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae0bff28-MAD
priority: u=3,i

GET
H3 200 tpbank-la-ngan-hang-gi-1-218x150.jpg
ezcash.vn/wp-content/uploads/2022/10/ 7 KB
8 KB 805ms
804ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2022/10/tpbank-la-ngan-hang-gi-1-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 030033e1c91179db8c207c8ccd52f30fc310e7abbc032dc5487854d93cb5d950

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 7631
last-modified: Sun, 18 Dec 2022 01:46:50 GMT
server: cloudflare
etag: "639e710a-1dcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHpXuBLESAOpoyF4ApSMEsuTGQhKs38U8dmBKKEupiKJezIFfwzPTrQ0lg0aY74suM8LVi4hkzOnLvPAuQVizGQQnXlkvw%2B7x2d0v2Z6HbE9duvtkRf4DUvrUcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae0cff28-MAD
priority: u=3,i

GET
H3 200 bidv-la-ngan-hang-gi-1-218x150.jpg
ezcash.vn/wp-content/uploads/2022/02/ 10 KB
10 KB 326ms
324ms Image
image/jpeg 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2022/02/bidv-la-ngan-hang-gi-1-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9113daaaf2ab88835c3d95871ab36b6605546009a28b0573f947b251dbaaef5e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 9874
last-modified: Sun, 18 Dec 2022 01:46:12 GMT
server: cloudflare
etag: "639e70e4-2692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy62bopQlUmW7FsaTbPk%2Ff%2BP8yY9Y%2F4fMRfYXLhCg44nU9BKCvNRAdk8FJhSCJOKjLTx7%2Ff2rhnjK%2FvVQIT5LvbOO9K2y%2BtXuzw5ozuZWI4OR71n%2FigG2O0ZHk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ea45b01ae0dff28-MAD
priority: u=3,i

POST
H3 200 7ea45ae3a942665d Show response
ezcash.vn/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1D58 0
528 B 93ms
90ms XHR
text/plain 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/cdn-cgi/challenge-platform/h/b/cv/result/7ea45ae3a942665d
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42TyyEJExQm4QX%2FZCzBvPWtdirSbPsBZr6QATk%2BZH4LbH33rAZmf%2FzUnJehOncv0TnSGb3vb3BVM0bH03JIm5lt0g8nyK%2Fs8cok1UOaEjTZwRzJJ0VmDnXngVc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7ea45b02cebeff28-MAD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 154 KB
52 KB 186ms
185ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/reactive_library_fy2021.js?bust=31076208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3b7eb5bced6000903beb971fbb206e8a6490d3bcf01cf11963553edc6ba6e7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53469
x-xss-protection: 0
server: cafe
etag: 4067569509235369116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
89ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F390 436 B
233 B 577ms
577ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=342529684&adf=2591393878&pi=t.aa~a.3806930284~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=2&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0&nras=2&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JHUJvQzHPW&p=https%3A//ezcash.vn&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ade5493549bbb6ac9a15ec1135ba277dcd8f61419d31649314c2bed7607ce12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1C2 436 B
234 B 960ms
959ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=342529684&adf=1947265008&pi=t.aa~a.3806966213~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280&nras=3&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=0GZmeNr4Lx&p=https%3A//ezcash.vn&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4a7e8b308d52d7e50218e7b2a7dd06a0ba66b267ace78ec8245c3455eeef5b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1F4 436 B
234 B 515ms
515ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=4246380789&adf=2417272941&pi=t.aa~a.2459291753~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=324x250&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4896&idt=-M&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3609&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Kg7mUXjoch&p=https%3A//ezcash.vn&dtd=44

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b32745855f275a2477d35c38f1a3cadddbf78d740931e8b94b59cd207f4346bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC4A 436 B
234 B 544ms
543ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=4246380789&adf=3654185071&pi=t.aa~a.715776121~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689952067&rafmt=1&to=qs&pwprc=3986467712&format=324x250&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067681&bpp=1&bdt=4897&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250&nras=5&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=WqI5x2nS2Z&p=https%3A//ezcash.vn&dtd=54

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c9440b911830a59895ddd69b95ebbd395b0f185d57e67c806f0e43ca47ce771c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
96ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 1079 10 KB
4 KB 79ms
78ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 68558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Thu, 03 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0921 10 KB
4 KB 90ms
89ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 68558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Thu, 03 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1079 4 KB
767 B 95ms
92ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 14:42:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1079 205 B
650 B 258ms
85ms Image
image/png 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:18:57 GMT
x-content-type-options: nosniff
age: 20931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Jul 2024 09:18:57 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1079 604 B
718 B 259ms
86ms Image
image/png 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 13:52:00 GMT
x-content-type-options: nosniff
age: 90948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:58:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Jul 2024 13:52:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 1079 20 KB
9 KB 265ms
83ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 19:22:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0921 6 KB
779 B 97ms
92ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 14:45:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0921 2 KB
973 B 297ms
150ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 0921 23 KB
9 KB 286ms
140ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0921 3 KB
1 KB 297ms
151ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 79A9 1 KB
643 B 93ms
87ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 60402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0921 20 KB
8 KB 228ms
90ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:23:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0921 0
0 94ms
90ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTm-Dbq6vYgRk4lJ30MBHI7s_drorWacTpb0uoQNw8Qm21TnbeXD9i-KCt2pwS3rICtBUdKSvhuo_xBmNLYF4otCNFo5w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0921 179 KB
57 KB 298ms
98ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 0921 33 KB
14 KB 214ms
86ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/6102867482340996965/ Frame 0921 62 KB
62 KB 291ms
155ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6102867482340996965/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

af93b9e93d6e96b3581bb44973f8b926b4299feb20715b40c39df30324e64fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:31:30 GMT
x-content-type-options: nosniff
age: 153378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62987
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 17:12:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jul 2024 20:31:30 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8725618722527173126/ Frame 0921 4 KB
4 KB 346ms
210ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8725618722527173126/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

b633632f0f47a13e0a0e8d5ee39d74a0cee7236c1d3dc3aba944033aed08fe3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 12:01:52 GMT
x-content-type-options: nosniff
age: 11156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4339
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:10:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Jul 2024 12:01:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E2BC 14 KB
1 KB 95ms
95ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 14:45:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E2BC 2 KB
926 B 282ms
223ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame E2BC 23 KB
9 KB 279ms
221ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF98 143 B
166 B 95ms
87ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 3362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 14:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E2BC 3 KB
1 KB 271ms
223ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B626 1 KB
643 B 96ms
90ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 60402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E2BC 20 KB
8 KB 178ms
130ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:23:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E2BC 0
0 95ms
89ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNXq4_h4VXJPtLDbUNaXpDv-sQKlQQhPJtdVVI-g3zNh0kruclGKx6fdGMI_13OkIEfecgSUTYS40F4pNvCDweRnAliA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2BC 179 KB
56 KB 303ms
194ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame E2BC 33 KB
14 KB 171ms
134ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 79A9 35 B
464 B 905ms
86ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKZnmVw3ALsm7wYjYJ9-dT4&google_cver=1&google_push=AaAOQGFj3pjnkCZCfS2ngX0mpj9qRd6xgPjXFmTBsLOtQryJAAjN-y1fDufhpyDnWyKZUONZdm7G5ModN_YJXLFLGFvQx61fmcBs-UY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 79A9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eG5XRnA4d2IxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG...

170 B
188 B

89ms
89ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eG5XRnA4d2IxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG_OF6N54zCeW4xia3vzLj6y8oTZ6qk6Os8f9FZpa-2XvvuSSn0ebwNNQs

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 15:07:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eG5XRnA4d2IxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGFT_Gdr-WFrPyejoijRsd79ZXP6Oo0fRcs5AuU4ZdG_OF6N54zCeW4xia3vzLj6y8oTZ6qk6Os8f9FZpa-2XvvuSSn0ebwNNQs
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 79A9
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwh...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaW...

43 B
449 B

503ms
491ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ea45b133f8a489f-LIS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 423
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5yfLYNBS7RGtcUDfignVw&google_cver=1&google_push=AaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEmB3ECQoptTOr6KUzg-wWdeiVIMmDp-eGx53z97vHqPSWQPjJ9nbz875CBvJ5pViX-4kUgyE4ZaRQ8w9gO4VgIBEIDmaWwhZw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ea45b119c38489f-LIS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 79A9 70 B
264 B 3425ms
164ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELCQC64iRGbrO3OrGaXyz5g&google_cver=1&google_push=AaAOQGEPM64pNleOTOZsDmIJU34LzrF_vnM8oBdrs_ee4A-ZurxPTSr2QpWIUcnPYum_XEfVQ-LEKEmKwO2cXiKjJ4SvUOTtT9yUEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 79A9 0
173 B 3295ms
128ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELaa6uNAPzz8lX8JDcPvUso&google_cver=1&google_push=AaAOQGE8sC9-KTtwsY6HH1BX_Z_DNoGIECMERz516sr8ni0LqJtYVkCZgilUjtg7s_uxMmPqp4LDIOVUtONQ_QQrUtEXC91F_ZIACbU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 79A9
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7b...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7bGuoCZZ0WzIA&google_hm=

170 B
188 B

88ms
88ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7bGuoCZZ0WzIA&google_hm=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG_k-SPWA33annGxHpaQk_gVk5__1tju_lbun0WCkyt3jaVjtQTeUj1OtfMKW5wONbaBw6ple92YmsjHq94tI7bGuoCZZ0WzIA&google_hm=
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 79A9
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEhPXB-kBfl_...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHKYMgmTbZMKLJs2GjdLY6yOxSWhAmSh-KZ1BzGmLg57LJWY-vCy8v7FK7nkQqHSQrD-Fo5Vw6kKuI5tp7_XW4KdvzdzX40g28
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

111ms
110ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 21 Jul 2023 15:07:49 GMT
pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 79A9 0
130 B 1001ms
94ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lvgox0Gna37PJUpmzFlikSjUb6cXROPmruS8m7ItKueclzvf6u37fMZayeoDN7afEIBMa5iQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 99ms
91ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08E8 124 KB
42 KB 298ms
295ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

52398d0a473b10bdcff623fd7633482b05b1870bf1e14b895ea413ee7106a8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42570
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B626 0
104 B 573ms
135ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHEe68Z6P0L4zFzVUqY3GqQ&google_cver=1&google_push=AaAOQGHfc1cBe_186QXQLGXtjJXXBsGkn260awhczqOwugsX19194MusWK8fK-hQ7VVPnY13svbe3c3LBmtJrioHbngO_fObH5B2Zw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAFldsMmrRUkah6psqm3qnA&google_cver=1&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1N_2KyUs2IBiZwOg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0E56D32F0574AC9A9F22672E7841348&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1...

170 B
329 B

271ms
96ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0E56D32F0574AC9A9F22672E7841348&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1N_2KyUs2IBiZwOg

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 15:07:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0E56D32F0574AC9A9F22672E7841348&google_push=AaAOQGERoeVLAq8bXoZZuUfPmTH_R2HdirVc4HsZaQcD-gdqlc0_8QsFG-SG0Mbd-en_CYuW4_0hBb3bgBQwdo1N_2KyUs2IBiZwOg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Jul 2023 15:07:48 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B626 70 B
264 B 3305ms
169ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELCQC64iRGbrO3OrGaXyz5g&google_cver=1&google_push=AaAOQGHrngjLpsQvZdpML-uVJZquTSsb-tnERyVBPn_26Lgeb8-RGK3Kl2uRudnYE9BTpdyUisvh5_hkKpdrqSWET0C0E4TIiRlD3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPKXToxl7Zy5Yy83qVoM6sQ&google_cver=1&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K1...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K12rfDsgodbZAYsknCzpA&google_hm=22Cw6xx-T5uq6HVvk_...

170 B
188 B

89ms
88ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K12rfDsgodbZAYsknCzpA&google_hm=22Cw6xx-T5uq6HVvk_04U1I

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG6FHU_FIXITgycAeSRPuzNj0qtsRKB5C0QtcWf5jg_7LVeEd5lSTDKcgLavmAar68v26drCQaY6K12rfDsgodbZAYsknCzpA&google_hm=22Cw6xx-T5uq6HVvk_04U1I
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_Rv...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA&google_hm=

170 B
188 B

88ms
88ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA&google_hm=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA&google_hm=
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B626 43 B
363 B 3305ms
123ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEEMdZbRHJC_-2K0buXvfvkA&google_cver=1&google_push=AaAOQGHUBCOkgU3_wZCge9CV188fJF-9EEajhhPiF_ZfH8GPqyBveq9TmUDG0O8r8PO74ImISJ-ZkIea3Ij0igLv-YUlS01YZn-5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 175520
expires: Fri, 21 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDy8iv_9U9VBvsa7ItNS0p8&google_cver=1&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC9WTZYNdzgY-ghkeAeA

170 B
188 B

99ms
98ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC9WTZYNdzgY-ghkeAeA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEF4HNMXT8iKqTbALB69tzaulS8H6t9OLkA5qzY1PAsZiKMpGOG3TV-8sGSXE56YRnUoCmk88sbOFBC9WTZYNdzgY-ghkeAeA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B626 0
40 B 877ms
96ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAiITOOMiFKrhMRMjzsHXcCzT1Hd5WPnmK65hXCN9btg24Cblo04nt_kW5qeffCzcNKhrX

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF98
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

116ms
100ms

Document
text/html

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
expires: Fri, 21 Jul 2023 15:07:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0921 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9857b369696fd3e0aaa886e9fa0d2d9be9eee78f35ca8292a0ab61b2b01ab4d1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0921 0
19 B 134ms
129ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpV0vQp-6ZP7BMISC1fAPq5SnYP6zj7FtlqTsnIANt8uivcABEAEgu-O_fmDt_N2FrBugAYCSjd8DyAEJqQK2HdTbWquyPqgDAcgDywSqBMkBT9AlBhzOmSQ7tj47pzB5sCvl9w5CBYPf3NnCRGSAed1zylBFniPgLP-xekjgOVJWHOqu9eu8qZ9UNA37yGIhEe0itzIirTFUVlvbPw5CQrLUBdVS_7H1CPc8rgY3jM7bCVYreLKv8u6gudtSBRArgCH72ogxLe3Zp24BsDvGEnzLF4DfdqZzKLiTmoQisnN4YVhwf2dPuTvAEBdeC5HeSEd_Ud-TUUiaz8eEwCA6gHsA1iQPR3zufPXqZE57aKREoWz_f6dMS0kQwASF1o3qngKSBQQIBBgBkgUECAUYBKAGLoAH6O3yIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL-TAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxArgT5APYEw2IFAvQFQGYFgGAFwGyFxwKGggAEhRwdWItMTgyODU3ODc4MTY1NjY3NxgA&sigh=0Qu0ZXJvV7s&uach_m=[UACH]&cid=CAQSPABpAlJWdakMNc3nPi4-PqaN9sO3ghzG4yUHiFmQXLPIFrsU5Bo1Tfo5nKDguCH_ZBLXmbvn-lcLDO0PLhgB&template_id=484&cbvp=2&vis=1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 15:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2BC 0
20 B 112ms
112ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230719&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame C996 37 KB
14 KB 88ms
88ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 08E8 14 KB
1 KB 94ms
93ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 14:43:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 08E8 2 KB
926 B 91ms
89ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 08E8 23 KB
9 KB 87ms
84ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:24:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 08E8 3 KB
1 KB 89ms
86ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 08E8 20 KB
8 KB 87ms
86ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:23:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 08E8 0
0 91ms
89ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF0lTXRwRBUJNGgEH1V0TphwakeXLqXxh5WruF66QSUUYjyviuuVD_dN_rP5AEgQ_TYWRqLxHquUSafzyhWFoPxBH0BA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08E8 179 KB
56 KB 111ms
108ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 08E8 33 KB
14 KB 81ms
79ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B7B7 1 KB
643 B 78ms
77ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 60402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16986355538340106411/ Frame 08E8 31 KB
31 KB 136ms
136ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16986355538340106411/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

dce933a112e3d0fe97af6482cde994f5e3efff262d13a08359adab9cb8831699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31521
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 19:36:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Jul 2024 15:07:48 GMT

GET
DATA 200
OK truncated
/ Frame 08E8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 08E8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6029 37 KB
14 KB 87ms
87ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
DATA 200
OK truncated
/ Frame 08E8 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3ce3a1a27c18643bf69abaee7cd490c35f4e28d94f3756037c91457c26047e9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame B7B7 35 B
465 B 258ms
86ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKZnmVw3ALsm7wYjYJ9-dT4&google_cver=1&google_push=AaAOQGGZyjXdKfiEzF21mv3JiFqpmCyYev9H73n9nxVkjrQmao-hLWV4XJDO0sU95ZqFDByAVF8nKKqZx6ZUMSu7Cvo5eLjXFTbA0Ow

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B7B7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnpKQW5BRmQxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_...

170 B
188 B

90ms
90ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnpKQW5BRmQxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_lbXfyOjfgLkCa_O9gdIMJUyXO29MISaAlca327RJXacWhtIKp503Pnw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 15:07:51 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0d2a77f9c6d8820ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnpKQW5BRmQxUW1SSnQ1&google_gid=CAESEKpQa1z9JLnf36cF52ja33k&google_cver=1&google_push=AaAOQGHLb8C2ZtJBhWR8FtyVz8KOn1M7sXnA42tdhcn-0v_lbXfyOjfgLkCa_O9gdIMJUyXO29MISaAlca327RJXacWhtIKp503Pnw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B7B7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED4YbqhvgF48k4lnBPdLmGU&google_cver=1&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu75PG2N4-dD2boQ

170 B
232 B

102ms
99ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu75PG2N4-dD2boQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Jul 2023 15:07:49 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERnLgpHBaHkH7NBB7Fv5TtkqxZGnrRad9o1I0gKznzF_ShnBQTA0GZc5Omz26TH2RPp9BLE0lT2xCTaQVu75PG2N4-dD2boQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Jul 2023 15:07:48 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B7B7 70 B
265 B 2778ms
163ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELCQC64iRGbrO3OrGaXyz5g&google_cver=1&google_push=AaAOQGGb_DUasff3VOg0ArrkpeslZyozyOmBE2HZlLZ93GIAUP427By9GEsbt8Dy-tGEA3Ms-vIln9zKTdcM2XIW-y-nnQQUhCYKjiQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B7B7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN1ZS05ZZipvmbEK5pW6x38&google_cver=1&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilB...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilBiBp1OgTHvX4&google_hm=

170 B
188 B

88ms
88ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilBiBp1OgTHvX4&google_hm=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEEvCe4vaUaaQKh_kCXYD04V4yo6vrTw_X9yaq_OSXJ83qJ2Tc3DEEK26RtPVgUlL2hEsRfPRTMNMSnwARIdilBiBp1OgTHvX4&google_hm=
date: Fri, 21 Jul 2023 15:07:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B7B7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEODFrnGodc4QAPUDPS3bVNo&google_cver=1&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTC...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTCZkyfPCv8&google_hm=eS1rcmJfLnpkRTJwSDZ...

170 B
232 B

98ms
97ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTCZkyfPCv8&google_hm=eS1rcmJfLnpkRTJwSDZUYldIN1hGcVdKdmwwQXI5bUVQOH5B

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 15:07:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFkZ1uUNDGsuqgEn4Xk3Lo7GYh0ytsj8Y7goHaQnI4c5wB7lvNOlidwHvge-Y1tzt35tFRZTUyIzzqkCzRQy7P_XTCZkyfPCv8&google_hm=eS1rcmJfLnpkRTJwSDZUYldIN1hGcVdKdmwwQXI5bUVQOH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B7B7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEESK5H-EQ_PFPWfavs7tdwY&google_cver=1&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEESK5H-EQ_PFPWfavs7tdwY&google_cver=1&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1ODAxNTU3ODUwNjYwNzQ1OQ&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVs...

170 B
232 B

97ms
97ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1ODAxNTU3ODUwNjYwNzQ1OQ&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWXZpzP4TFcMumVSn2HKk1gxZM

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1ODAxNTU3ODUwNjYwNzQ1OQ&google_push=AaAOQGG5pBOYycK69pAYmYE4Vq6vhcDw-OU2iz1bDTThGw33GdXUEKuC6EBIG8Wb_i0GO8ndDTZiVsWXZpzP4TFcMumVSn2HKk1gxZM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B7B7 0
40 B 356ms
95ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD4X6bEe4ATKvigjdqE_vePgpUkgBQz-GknHqwwlvCXLQJkuvbjYUaFZVPnMTq_kiT0Nmn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 08E8 33 KB
33 KB 114ms
79ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 476630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 08E8 0
19 B 127ms
125ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_2jBRJ-6ZKKNFYSB1fAPkJKamAfsz8KraPysu5TMEY3m2r_NARABILvjv35g7fzdhawboAH6g7e6AsgBCakCth3U21qrsj6oAwHIA8sEqgTUAU_QP9xGtLO3EmwGvaSNOQRrTxj4KtYv0hI9jn_2smrgmiPIcUViau48cbzb6ruze2RFfmebxyHkqSRSyLrkbHMLyaU1rjn4xUidI2vFhMN0c-CvEhOtTlt7xBYz4DB7oToIuCBrpKnPS8K70yUGNrElWFXTuN7Rgmk1TjmjY1J96-QmKg1mh2cL93LLG65SgZzWaTldYfJgx72XkgEV-OHbMaiV18soMTG9rRY7Y2OSxj_GG-hXlCyq37YMvJmCG5VIbWgkK9hPv0BTOF2nQB0RxmWawASHrfbF-gKSBQQIBBgBkgUECAUYBKAGLoAH7vvIxQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxD5NdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xODI4NTc4NzgxNjU2Njc3GAA&sigh=r5kRTSokLo4&uach_m=[UACH]&cid=CAQSPABpAlJWyd_T7H-0RVP61xTgvtw5txzlLd4NZg6IyB-jf_zuDd4HC5dDwi4JwhT9nGJ1R8ZezyI6NGTwjRgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689952068&rafmt=1&to=qs&pwprc=3986467712&format=1200x280&url=https%3A%2F%2Fezcash.vn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689952067685&bpp=1&bdt=4901&idt=0&shv=r20230719&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a604d250f8f045-227b032735de002a%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg&gpic=UID%3D00000cffeba318aa%3AT%3D1689952065%3ART%3D1689952065%3AS%3DALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ&prev_fmts=728x90%2C300x250%2C0x0%2C1200x280%2C1200x280%2C324x250%2C324x250%2C1600x1200%2C1005x124&nras=8&correlator=3657160247113&frm=20&pv=1&ga_vid=1093599422.1689952066&ga_sid=1689952066&ga_hid=10922184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076162%2C31076208%2C31076252%2C42531705%2C44788441%2C44789819%2C44797785&oid=2&pvsid=511402500215813&tmod=1210082220&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=zwDrCX2dyS&p=https%3A//ezcash.vn&dtd=596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 15:07:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 308ms
136ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b33619cd3510f4eb1a8e546c9a6a6be6cf67b6d963beb8259aacc0cd1066116d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11704
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame EC8F 37 KB
14 KB 80ms
78ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

POST
H3 204 rum Show response
ezcash.vn/cdn-cgi/ 0
137 B 66ms
66ms XHR
text/plain 104.21.52.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ezcash.vn/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.52.124 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ezcash.vn/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ezcash.vn
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ea45b105ef6ff28-MAD

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 109ms
105ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:07:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A039 13 KB
5 KB 91ms
89ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 5277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 13:39:52 GMT
expires: Sat, 20 Jul 2024 13:39:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 64B7 783 B
535 B 100ms
98ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3da1034e1fbc1505f91d2d7a0642178fff9fd7347804fbe9c9f44c6abf2b0105

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DOwAhsJ74JCex1-0OPeWpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ezcash.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-DOwAhsJ74JCex1-0OPeWpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 15:07:49 GMT
expires: Fri, 21 Jul 2023 15:07:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0921 42 B
64 B 133ms
129ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX3Xr0nczzUMoU9_7JiEMpjo7QN4isvMLAPh2oc8y0eFrsOwsys4Pb0nm3IDbrYP5UKKwfiVlag2f7tpuFw937VHcwSTzT6DZAHZ_d1snnKz1zW6RqGy4eCFklQp0ji-Bptn50eVIaNEpy&sai=AMfl-YTa1dvaCjuvA0wSRAJ9D9B90YwyZ8ZGlB9XJHwT3fII103SOIasDhgjfSX-98zniU_6Y50Yt5TtPTGjCjQceURycqpSFjs24N328eMEOMzlDSZGZ_GQaZtyHFkM&sig=Cg0ArKJSzESZtK4oRwd8EAE&cid=CAQSPABpAlJWdakMNc3nPi4-PqaN9sO3ghzG4yUHiFmQXLPIFrsU5Bo1Tfo5nKDguCH_ZBLXmbvn-lcLDO0PLhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=235,1000,1000,1000,1000&tos=235,765,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689952067958&rpt=613&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:07:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame A039 37 KB
14 KB 82ms
79ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 64B7 0
0 114ms
113ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=511402500215813&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A039 0
10 B 82ms
81ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OERvUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:07:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 124ms
124ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=511402500215813&bg=!-vml-a3NAAZsPphkTD47ADkAdvg8WmRffJmGIvPi0lq3VhWoUK4M6c3nkr3h0on5rcL6fiFPWh3G6FQlXqyb--vfp_LdVzbj4W0CAAAAZlIAAAAKaAEHmQKru1gZ42OKC1kQqEuhBq4uZ5JptSaYzM7Wzr9RwEiHe-33y951DnMxEWA9-9x-CDxSJDy0LT4RQwdmVjpZARUQjmIDqA9tvHRuTQ2n3oAgo6IT8APAoTmaat8pWPeRx_mhYF2xMyy8NxhT1ny5wZ7jCDRpAPrOq-W7pdliVsmeLtPRdDkodbzYEz11clE0z9xWKXn3v8LR1KGvaNdraY16DJwD7kvA0wt9iTToVp21iVxN3RVlkVX8_KAPaISgfPStvHWiMKk1C6OZVvU-dMRAyEYfeVyihu_5XVZ6fmgtvoA_w4HZZa54x0QjpFBRR4ZYqQP0XTsAlmnGnheg9GOC0t713AtQIMdCF661PPDMp_BpuhTvCodMLVNKsqjoJ3fOt0nK_uJAf5UraHbHEL4WYpNTs0-9AoGe75ji1sW-VSTqeOZqWu4vMs0_to3Ij7F3dQ2NccclmxILUByf0BkgNKKxI0pXXYrfYMr3PicJJyqLf4IWA6vcSWDq9uUOfMgcZloGevk_K4qUU9azU9FrE0_EgIU9vj3Zc3rAZfHmHGhmrPOUUsuH_jdSheC1TkSZ7lN7m465hPp9QFXAx_5Tfz4aotjA6Y30VeHXOEeXPfD7kQqg4KDNwgII2R0329nFjvnNizZyXct1L4bVJwA9PxrVTU2HiTLRXy4CibkV0vnC7IJLZeOQ8ZrxfNef3RwTkBzMXnccuKGza0VqfR14m9lEIjagggUImrYDD1_Z4DvIrlnI8W-_mTX80y2z0lE3egEsj3rjQd7pMb6wfXjc5QedEEM2ub2yvmdw9D1wM4qPLLlzS9RaNdH7rKdXytbz0q9v2jVD1UxxrKOH9Q_oKqC2r8LN2gfVEh2UuIZAGgHJkuy4p8xPU4uSTJs88RmeTI2WXcp3gq77QoI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ezcash.vn/	1970-01-20 15:35:28	Name: _gcl_au Value: 1.1.148177700.1689952065
.ezcash.vn/	1970-01-20 23:01:52	Name: _ga_N0PLB72BPZ Value: GS1.1.1689952065.1.0.1689952065.60.0.0
.ezcash.vn/	1970-01-20 23:01:52	Name: _ga Value: GA1.2.1093599422.1689952066
.ezcash.vn/	1970-01-20 13:27:18	Name: _gid Value: GA1.2.1481813865.1689952066
.ezcash.vn/	1970-01-20 13:25:52	Name: _gat_gtag_UA_162917087_1 Value: 1
.ezcash.vn/	1970-01-20 22:47:28	Name: __gads Value: ID=e2a604d250f8f045-227b032735de002a:T=1689952065:RT=1689952065:S=ALNI_MZ3RLA_igbtWAnnizIH3flM6jWCWg
.ezcash.vn/	1970-01-20 22:47:28	Name: __gpi Value: UID=00000cffeba318aa:T=1689952065:RT=1689952065:S=ALNI_Mb1qH2x91YVf6Y9vFnGGilf_tvHWQ
.ezcash.vn/	1970-01-20 22:11:28	Name: cf_clearance Value: 6sW_JtJ0aPow0HCCM4fkgI7WjN.FIoxtNAkgA3lJWNY-1689952067-0-0.2.1689952067
.doubleclick.net/	1970-01-20 22:47:28	Name: IDE Value: AHWqTUk1uaD8ZeC7cRsfuATlIZSd4tAyKz2nkLAlQ6Jeh__oTAFV2auqTO_rLvFaPpc
.doubleclick.net/	1970-01-20 13:25:55	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 22:12:54	Name: suid Value: E0E56D32F0574AC9A9F22672E7841348
.quantserve.com/	1970-01-20 15:35:28	Name: d Value: EHMBCQHCKYEA
.quantserve.com/	1970-01-20 22:56:06	Name: mc Value: 64ba9f45-0f33f-93c35-45949
.mathtag.com/	1970-01-20 14:09:04	Name: mt_mop Value: 4:1689952070
.adform.net/	1970-01-20 14:10:30	Name: C Value: 1
.yahoo.com/	1970-01-20 22:11:49	Name: A3 Value: d=AQABBEWfumQCEI4j_X2Dj92E9ODWNJNJkWoFEgEBAQHwu2TEZAAAAAAA_eMAAA&S=AQAAAqMvCkZb7DMyw6d2EynLM34
.adform.net/	1970-01-20 14:52:16	Name: uid Value: 7458015578506607459
.tribalfusion.com/	1970-01-20 15:35:28	Name: ANON_ID Value: a7nseFwyEoipuMNpbIUwK2ZdSQZdZcwjSZbU7JOWLCZbTWZc8wYM3IchRRmZa3NaUafG6blh0qFCJ2pSARYUEZbZc9WiB
.blismedia.com/	1970-01-20 22:11:32	Name: b Value: 64BA9F47173575D892D62E39BLIS
.bidswitch.net/	1970-01-20 13:25:52	Name: google_push Value: AaAOQGH-GbcTM3rNKlnDY7IvhrVf8KNKUTQP3dj102xjdyLxPoCLvKb0b7Q18gXC8ysF3h7miYyhxldsGnc0_VaxP_RvHHUDYg6fgA
.ctnsnet.com/	1970-01-20 22:11:28	Name: gid_CAESEPKXToxl7Zy5Yy83qVoM6sQ Value: 1
.ctnsnet.com/	1970-01-20 22:11:28	Name: cid_db60b0eb1c7e4f9baae8756f93fd3853 Value: 1
.w55c.net/	1970-01-20 14:09:04	Name: matchgoogle Value: 5
.w55c.net/	1970-01-20 22:57:32	Name: wfivefivec Value: 6zJAnAFd1QmRJt5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
ezcash.vn
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
images.dmca.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s.tribalfusion.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.pt
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.16.56.101
104.18.24.173
104.21.52.124
142.250.181.226
142.250.184.194
142.250.184.226
142.250.184.227
142.250.186.106
142.250.186.129
142.250.186.34
142.250.186.35
142.250.186.66
142.250.186.68
151.139.128.10
172.217.18.2
173.194.76.154
178.250.7.11
185.29.132.241
216.239.32.36
216.58.206.35
216.58.206.40
216.58.206.46
23.32.185.35
3.124.112.76
3.33.220.150
34.96.105.8
35.156.62.67
35.186.193.173
35.204.158.49
37.157.5.132
51.89.9.251
63.215.202.140
91.228.74.206
99.81.57.224
030033e1c91179db8c207c8ccd52f30fc310e7abbc032dc5487854d93cb5d950
039fd0d6f02af680d8734d282b070ba33c4f41388a415e77ec48ee8e30b29e89
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d52a14c53655c602af6a0cd92c82fb4a239ecb065f95797046d108da6025d0d
0e0fb4f180901a69970f247ed9260e73561df4c89684ed58205b0d81f6956122
0ef98704d53f8ae4f12faf687f69f460b7168d8d87cd273d5d0e206e05566ce1
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58
1526d0045855576edceeed3f08f6dc2c1b85d8903e2e61fe501b7d9ebfbb0783
161c9820506c1ceedee1aea2b8c7767227411b1be5a78a5d5a0f28237dc07991
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
246ca4395058568b16777af223cb5881a3307e93d3349cb243ef3a77893ad748
27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2a5088c906fc6f97975e6815dfac905b43bd48f1b7fa6015e821dff00713ee7e
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2c9f053de25165ac9c67c00ae98011900d6ff1d96b2c21479197021739e1b095
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d7403e3b7073f19fd97f2cb8d4de270e5387aedfee52ab6c5def09853e37c29
2f599815bf77ea873706c7a7d098011481682777678b9a043c39ded205e38b77
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35a8d75a1b3f712d7d927c91d878d05110e6db8192c7daf8a825bb8e240ced69
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b613523709a7590e9f116baa884b24b913ca728805f9ec009c09cd167bb874d
3b7eb5bced6000903beb971fbb206e8a6490d3bcf01cf11963553edc6ba6e7cc
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3da1034e1fbc1505f91d2d7a0642178fff9fd7347804fbe9c9f44c6abf2b0105
40b1e08090f6b44af52d116148d5c601cff1f648bd7330c09dfe91601f2d9f6d
423fcf85a5abf4a9e0bfd3bf198ef9bf597fd67824124f23823de1ad2b4e70f4
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4531fda02acff2e3d2a89e953dcc6c90a1a5c1ed5ad8da9b8e853542bb256d7d
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
46fff3d98034e07899f3d2f2aaec52ca07c7aa88de5ca41e87af0d6d97d30099
48179bdd30f851393833662e441f13ecba7b8e87bf950270512db5bf5634db41
4a7e8b308d52d7e50218e7b2a7dd06a0ba66b267ace78ec8245c3455eeef5b98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
519b4187e0bf5f62ebba579eb65de16c0c9d504063d2ce62e7b5a20768a40866
5234d0ab53e6bdbed873a394ea62336a452ef5c727327010295fca5f22c873f2
52398d0a473b10bdcff623fd7633482b05b1870bf1e14b895ea413ee7106a8d0
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4887c9a2b1ae027a71bac214f5ade542449d779f70b03a2c10b2ac2ff13633
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f
6165c9069cbd887d464c8c628e554f88b6f2e39408ae1897098d70d8b4235b69
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
680394dfe6b74578d2ac7e58594d1d8b8d02d1a7a9a444abe6e08f2ae66bf0b1
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7a2d21e2e702c65ffd5637839a05bf37333b1cb5a24a7d008780aa031a7adbe1
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f156825189a7982bfbcec4ae7aa77f62f14a00ebda9daf202da3340a5f544ea
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
84a3270e659bcd3932cf1294607a971b71d12d7d8a27e101bd5a9b4789cb448f
86c218553e6e90c6d7cf89c5f7305ae7b7366f8733fc532bed816e6a89aa5565
891b91e28ee0db2a37fb0a1bc3272773efd7e7fed9e0f126642f3c6baa8a2cb6
8941fd5e42ee92f4b832997fefdc875d538d5c0267a7488f2ba35780e5b75016
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9113daaaf2ab88835c3d95871ab36b6605546009a28b0573f947b251dbaaef5e
926fd3ceaa460beb0ad878001831b7ede71b7163002e35ac16877f66b4d1e060
92aeacf7c753ef2d80010916a6b043c746b6e3aecbe2f9d72aced663f38fb679
9418a19c7e3a746f92c4d7abd451120e52360d1baa7ed0b15c26050e48682c69
9426cf2e9ba1c0c19dbc9f5379a630e73cb37d8a2085747f7986ac953bccc62e
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9857b369696fd3e0aaa886e9fa0d2d9be9eee78f35ca8292a0ab61b2b01ab4d1
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb1746f67e09bc6b502df7359612cbacbf221e4a3b34bdfe500bd6e439ff75e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4c0de65ac4cf9c871a4381e7e3299a2d489970e2320f60bd35e561e08be118a
a588dfe758e06146624931c48d365f8a00d5c259bd2759c538796bf89550eb5f
a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853
a77089939cd9806cbb96dc6d5986e2db2fe8892a4f207e3e78fa93b67508fef4
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ade5493549bbb6ac9a15ec1135ba277dcd8f61419d31649314c2bed7607ce12f
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
af93b9e93d6e96b3581bb44973f8b926b4299feb20715b40c39df30324e64fb3
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
b32745855f275a2477d35c38f1a3cadddbf78d740931e8b94b59cd207f4346bc
b33619cd3510f4eb1a8e546c9a6a6be6cf67b6d963beb8259aacc0cd1066116d
b633632f0f47a13e0a0e8d5ee39d74a0cee7236c1d3dc3aba944033aed08fe3b
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
bb2eee7604f3f0b5dc55018626557adccda61c7a98732f1649df6b095838fc36
bfe872d3e8bc20b801daf2d8eea922aa4e5ef6368205e9df54b03830f5a30e6b
c3ce3a1a27c18643bf69abaee7cd490c35f4e28d94f3756037c91457c26047e9
c76a36cff815e71d0f48fed00a1f66c283ca9786e6cc992bb505d32d0772a55e
c9440b911830a59895ddd69b95ebbd395b0f185d57e67c806f0e43ca47ce771c
d0f07516c4f88817a73f73226111077a28c8478c7e4d5acdc725f41351bccb62
d1c87d61697d144d62a45e704e89fff10ac0a6c448a0982f05b8a105e3968333
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8804a66490d927d2453d07427a70c6012c305c05cfde5c5c45b417dfa5e8b6f
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dce933a112e3d0fe97af6482cde994f5e3efff262d13a08359adab9cb8831699
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63fe244b46d6502101443cb301af1a28c485eba1c8fff9c3c0b1d5b4f653c20
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e9c7994e07ccb531150d024dc4fd7865c724bb78b95c2e0f25eb754b58edd1b4
eb48ffe86f04c411582f908d9ab9cce60bd25873fdebdee118adf1613fa6c084
ebb74f52d595b97010ee3601e1ed536cccc19ee8ceb78fade65507a34f87c53a
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2
eed1a2dae09faab54a4847b1543e2a2915c1e6feb15b6507fc0d02a1034ba514
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c
f33d0cec533740488f73fb4041b19bbf6b84351924c687611e6dfc6f81776fd3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
ff5c735ad94edde73289e219b44b8408c2c21ddf7dae3209604b1e392192b8b7

ezcash.vn Open in urlscan Pro 104.21.52.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

93 %HTTPS

0 %IPv6

28 Domains

35 Subdomains

27 IPs

8 Countries

2691 kBTransfer

6606 kBSize

24 Cookies

27 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ezcash.vn Open in urlscan Pro
104.21.52.124 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

93 %
HTTPS

0 %
IPv6

28
Domains

35
Subdomains

27
IPs

8
Countries

2691 kB
Transfer

6606 kB
Size

24
Cookies

190 HTTP transactions
5 data transactions