urlscan.io logo urlscan.io
SecurityTrails logo

vaytientot.com Open in urlscan Pro
45.252.248.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vaytientot.com/
Effective URL: https://vaytientot.com/
Submission: On August 22 via manual from VN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 6 countries across 23 domains to perform 140 HTTP transactions. The main IP is 45.252.248.26, located in Thuan An, Viet Nam and belongs to AZDIGI-AS-VN AZDIGI Corporation, VN. The main domain is vaytientot.com.
TLS certificate: Issued by R3 on August 5th 2022. Valid for: 3 months.
This is the only time vaytientot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47 45.252.248.26 63760 (AZDIGI-AS...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.83.156.4 17831 (CENTERHOP...)
12 2a00:1450:400... 15169 (GOOGLE)
2 151.139.242.29 33438 (STACKPATH)
6 2606:4700::68... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 69.192.160.219 16625 (AKAMAI-AS)
8 172.217.23.98 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 35.227.252.103 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.144.165 26667 (RUBICONPR...)
4 4 104.18.19.126 13335 (CLOUDFLAR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
140 24
47    45.252.248.26 (Thuan An, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
vaytientot.com
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    103.83.156.4 (Singapore)

ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG)
PTR: share01.centerhop.com
proof.sudo.vn
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    151.139.242.29 (United States)

ASN33438 (STACKPATH, US)
images.dmca.com
6    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
17    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
14    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
Apex Domain
Subdomains		 Transfer
47 vaytientot.com
vaytientot.com
500 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
314 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
240 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
87 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3409
onesignal.com — Cisco Umbrella Rank: 1263
img.onesignal.com — Cisco Umbrella Rank: 7055
92 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
1 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
4 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
4 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
919 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 634
207 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1517
485 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1981
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1072
792 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13009
7 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1414
296 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
98 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
647 B
1 sudo.vn
proof.sudo.vn — Cisco Umbrella Rank: 738321
282 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
41 KB
140 23
Domain Requested by
47 vaytientot.com 1 redirects vaytientot.com
17 fonts.gstatic.com fonts.googleapis.com
14 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 pagead2.googlesyndication.com vaytientot.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 cm.g.doubleclick.net googleads.g.doubleclick.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ssum-sec.casalemedia.com 4 redirects
4 fonts.googleapis.com vaytientot.com
googleads.g.doubleclick.net
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 onesignal.com cdn.onesignal.com
2 pixel.rubiconproject.com 2 redirects
2 image6.pubmatic.com googleads.g.doubleclick.net
2 rtb.openx.net googleads.g.doubleclick.net
2 e.dlx.addthis.com 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.onesignal.com vaytientot.com
cdn.onesignal.com
2 images.dmca.com vaytientot.com
1 ag.innovid.com googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 img.onesignal.com vaytientot.com
1 proof.sudo.vn vaytientot.com
1 www.googletagmanager.com vaytientot.com
140 29
Subject Issuer Validity Valid
vaytientot.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
proof.sudo.vn
cPanel, Inc. Certification Authority		 2022-06-22 -
2022-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-03-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh

This page contains 12 frames:

Primary Page: https://vaytientot.com/
Frame ID: 9848F882051B94B964BE772A0766EFD0
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Frame ID: EF76B9690ECB854DDD3B10CC5F0B595D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&adk=318159125&adf=2184669829&lmt=1661092104&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvaytientot.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156579534&bpp=2&bdt=1036&idt=281&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2289304363285&frm=20&pv=2&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: 80FA424091B9299AD6024E55FB22DCAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Frame ID: 4AD2E7B2B5262EF1F6B020B21E0D20CF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Frame ID: 2BFD5F2821F9F9985570490577A3784F
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3639E813400D65CBAC70EFD1E2C77B5D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 81171BD4EA4C5A624A2185661F169BC8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17DE2B30FC70BC5ACD1301B5CAF97378
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: 02DC9E870944F7616DE58EF2BB75404F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: 311629E57744C3C8F886517924405BC2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CEA547D6FCAB4DB6479E369EEBCA645
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 007E6E9C51E6124D299BC0FD537F9240
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vay tiền tốt - Vay tiền online nhanh

Page URL History Show full URLs

  1. http://vaytientot.com/ HTTP 301
    https://vaytientot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

140
Requests

95 %
HTTPS

54 %
IPv6

23
Domains

29
Subdomains

24
IPs

6
Countries

1396 kB
Transfer

3422 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vaytientot.com/ HTTP 301
    https://vaytientot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2NrnguknFviu2aKLtu32TlVvWguVQ&google_gid=CAESEE0wiN8jH4YqlRkS7DVNylM&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2NrnguknFviu2aKLtu32TlVvWguVQ&google_gid=CAESEE0wiN8jH4YqlRkS7DVNylM&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjIwODIzMDEwMDAyODUxODA1ODczNg%3D%3D&google_push=AehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2NrnguknFviu2aKLtu32TlVvWguVQ
Request Chain 116
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELzJpAW2kDOmivdSo6u1Eqk&google_cver=1&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDmSJDYogxDJ8WPGs8GB1jx_UGY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMEgtMjUtNFZTNQ==&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDmSJDYogxDJ8WPGs8GB1jx_UGY
Request Chain 117
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_cver=1&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPwJpLpBqNVwWZTamohtb3R2-Jd6Vdk1EgUdN29_x2emaHatQ0CYlHAjK8-AJGHCE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPwJpLpBqNVwWZTamohtb3R2-Jd6Vdk1EgUdN29_x2emaHatQ0CYlHAjK8-AJGHCE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPwJpLpBqNVwWZTamohtb3R2-Jd6Vdk1EgUdN29_x2emaHatQ0CYlHAjK8-AJGHCE
Request Chain 123
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDT2l8ajtCQkgL7opMEvfH8&google_cver=1&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJyl9Y4Bfep_zr5sBvPaFbD0FgsGUJpjVTU9LpS1QXIc HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJyl9Y4Bfep_zr5sBvPaFbD0FgsGUJpjVTU9LpS1QXIc&google_hm=X2O6TFUZIZzqUxM7orF8uw
Request Chain 127
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE0_i8BWeOSkBPgA1K-xPAo&google_cver=1&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTBzrsivSwdv0UJ_Vu6zyIaVHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMFUtMVEtNUdWSw==&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTBzrsivSwdv0UJ_Vu6zyIaVHg
Request Chain 128
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_cver=1&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-myxv7DSSgPLDx44UKcI-zryso_2bJBYUF_CzdGSQdV3cUBoUCo4Nso8xe2ROGE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-myxv7DSSgPLDx44UKcI-zryso_2bJBYUF_CzdGSQdV3cUBoUCo4Nso8xe2ROGE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-myxv7DSSgPLDx44UKcI-zryso_2bJBYUF_CzdGSQdV3cUBoUCo4Nso8xe2ROGE
Request Chain 132
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

140 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vaytientot.com/
Redirect Chain
  • http://vaytientot.com/
  • https://vaytientot.com/
84 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ca4ba3e07d3f5cf312d5f6eb336815d9563c351f145fae9cf93ba2a0e69913c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=0
content-encoding
gzip
content-length
18087
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 08:22:58 GMT
expires
Mon, 22 Aug 2022 08:22:58 GMT
last-modified
Sun, 21 Aug 2022 14:28:24 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Mon, 22 Aug 2022 08:22:57 GMT
location
https://vaytientot.com/
server
LiteSpeed
vary
Accept-Encoding
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44f4185231397d25123c57cddc8adf29fb9559dd58548286954b2042a5865b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 08:22:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 08:22:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 13 Jul 2022 02:24:08 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
10946
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/components/ 		103 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/components/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6abba1c5cd542f8f5d4b9561b3315f05ff018a2647f216fbf6ac2002aca567cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:25:00 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
14637
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/block-editor/ 		119 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/block-editor/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b84ee65602c75ea856b3934dd36fa2827eb13d73053d538ebf3944388d21c7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:25:00 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
15165
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/nux/ 		3 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/nux/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6da593bb41278863238449ee446ac7a689c10718f2351833aa9e6f1575c3ac21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:25:00 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
687
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/reusable-blocks/ 		522 B
270 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/reusable-blocks/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Sun, 30 Jan 2022 02:43:39 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
215
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.min.css
vaytientot.com/wp-includes/css/dist/editor/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dist/editor/style.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4abb7aa5439849a3cddb4085a9c39b6ef0a54da587c675c4cb4e9887974e5642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:25:00 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
3465
expires
Tue, 22 Aug 2023 08:22:58 GMT
blocks.editor.build.css
vaytientot.com/wp-content/plugins/i2-pro-cons/dist/ 		5 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/i2-pro-cons/dist/blocks.editor.build.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cc9f6291cfc03113674785482af3429df3c586dfe92789b84588d2df668caa20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Mon, 09 Aug 2021 01:45:24 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
853
expires
Tue, 22 Aug 2023 08:22:58 GMT
styles.css
vaytientot.com/wp-content/plugins/i2-pro-cons/dist/fonts/ 		4 KB
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/i2-pro-cons/dist/fonts/styles.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ce67c2e4e9b4e71a27e764dc1694ddd49032e312059a29d99865bfc357f5bf50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Mon, 09 Aug 2021 01:45:24 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
742
expires
Tue, 22 Aug 2023 08:22:58 GMT
styles.css
vaytientot.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Sun, 24 Jul 2022 03:58:56 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
848
expires
Tue, 22 Aug 2023 08:22:58 GMT
kk-star-ratings.min.css
vaytientot.com/wp-content/plugins/kk-star-ratings/src/core/public/css/ 		2 KB
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 03:27:51 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
503
expires
Tue, 22 Aug 2023 08:22:58 GMT
screen.min.css
vaytientot.com/wp-content/plugins/table-of-contents-plus/ 		1 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/table-of-contents-plus/screen.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 02:03:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
378
expires
Tue, 22 Aug 2023 08:22:58 GMT
default.min.css
vaytientot.com/wp-content/plugins/tablepress/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/tablepress/css/default.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Mon, 26 Jul 2021 02:27:37 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
2016
expires
Tue, 22 Aug 2023 08:22:58 GMT
button-styles.css
vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Mon, 16 Mar 2020 08:07:07 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
1217
expires
Tue, 22 Aug 2023 08:22:58 GMT
style.css
vaytientot.com/wp-content/themes/mts_schema/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/style.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
994e38c6dc8e7aa59f36f2920b2f9ec932c8c4f0d480e92e8a3ca227cce80a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
11665
expires
Tue, 22 Aug 2023 08:22:58 GMT
owl.carousel.css
vaytientot.com/wp-content/themes/mts_schema/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/css/owl.carousel.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d51cae5e2771a8e657297a4910f8b3444719ddef364a4131d919c2b56e84877e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
1793
expires
Tue, 22 Aug 2023 08:22:58 GMT
responsive.css
vaytientot.com/wp-content/themes/mts_schema/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/css/responsive.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8e3f3aaf02f3bf0ba23a4d6ad52fca91d55f37c524c86dd08edc6091c792a51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
2828
expires
Tue, 22 Aug 2023 08:22:58 GMT
font-awesome.min.css
vaytientot.com/wp-content/themes/mts_schema/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/css/font-awesome.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bb4f2176a2375283b5a4eb0f0a8c3b9fe06ed51f6e8ba012a54c5a408d0c0b38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
6643
expires
Tue, 22 Aug 2023 08:22:58 GMT
jquery.min.js
vaytientot.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Wed, 21 Jul 2021 03:08:19 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
30273
expires
Tue, 22 Aug 2023 08:22:58 GMT
jquery-migrate.min.js
vaytientot.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:58 GMT
content-encoding
br
last-modified
Thu, 24 Dec 2020 07:22:13 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
3995
expires
Tue, 22 Aug 2023 08:22:58 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149533745-3
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16741fd1463c6864f31f7db56d6f3943c21d8f4c94b540a7267c4a9d5b514748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41851
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Aug 2022 08:22:59 GMT
e3j0o3a4e58pbv9w56jyh5ibmqvcgt9n
proof.sudo.vn/pixel/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proof.sudo.vn/pixel/e3j0o3a4e58pbv9w56jyh5ibmqvcgt9n
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
cache
date
Mon, 22 Aug 2022 08:22:58 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.30
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
expires
Tue, 23 Aug 2022 08:22:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535072256618724
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1537fcf4042931c87cc64dfd2cf757f695975c38bff1d3b93f45b0e3ce844bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57125
x-xss-protection
0
server
cafe
etag
11049975111219402337
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 08:22:59 GMT
dmca-badge-w200-5x1-07.png
images.dmca.com/Badges/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca-badge-w200-5x1-07.png?ID=2c21226c-8a51-415e-a24a-93aaeaeb4b1e
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e3e72d86ca00f3264b091a2d9337ca52eadf912c3fe781131fd90897802323fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
nginx
x-powered-by
ASP.NET
etag
"afc58f3aace6d11:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca-badge-w200-5x1-07.png>; rel="canonical"
content-length
6296
expires
Wed, 21 Sep 2022 08:22:38 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Wed, 21 Sep 2022 08:22:15 GMT
shortcodes.css
vaytientot.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		45 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 08:31:57 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
7347
expires
Tue, 22 Aug 2023 08:22:59 GMT
regenerator-runtime.min.js
vaytientot.com/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:24:59 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
2354
expires
Tue, 22 Aug 2023 08:22:59 GMT
wp-polyfill.min.js
vaytientot.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:24:59 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
6872
expires
Tue, 22 Aug 2023 08:22:59 GMT
index.js
vaytientot.com/wp-content/plugins/contact-form-7/includes/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Sun, 24 Jul 2022 03:58:56 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
6238
expires
Tue, 22 Aug 2023 08:22:59 GMT
kk-star-ratings.min.js
vaytientot.com/wp-content/plugins/kk-star-ratings/src/core/public/js/ 		1 KB
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 03:27:51 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
631
expires
Tue, 22 Aug 2023 08:22:59 GMT
front.min.js
vaytientot.com/wp-content/plugins/table-of-contents-plus/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 02:03:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
2181
expires
Tue, 22 Aug 2023 08:22:59 GMT
customscript.js
vaytientot.com/wp-content/themes/mts_schema/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/js/customscript.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2f37ce44bf99fb698922425abd8d6898851b1ce3ada24a679046ba4b0a2da7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
2654
expires
Tue, 22 Aug 2023 08:22:59 GMT
owl.carousel.min.js
vaytientot.com/wp-content/themes/mts_schema/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/js/owl.carousel.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cfdbe855d739cb037a1908fc906bdb21d53cae36b85a6b28d61600f18a6f11cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
12985
expires
Tue, 22 Aug 2023 08:22:59 GMT
sticky.js
vaytientot.com/wp-content/themes/mts_schema/js/ 		1 KB
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/js/sticky.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a683c4022892de46206f559065e02e236fc3fcd97d67757048355ffcad861bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
360
expires
Tue, 22 Aug 2023 08:22:59 GMT
ajax.js
vaytientot.com/wp-content/themes/mts_schema/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/js/ajax.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
567373119fe7f49f4c45885d7e39dad004c637a51da92184ad62ac6bef67847c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
6182
expires
Tue, 22 Aug 2023 08:22:59 GMT
smush-lazy-load.min.js
vaytientot.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Sun, 24 Jul 2022 03:59:04 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
3542
expires
Tue, 22 Aug 2023 08:22:59 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73ea342caf2abbb5-FRA
date
Mon, 22 Aug 2022 08:22:59 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2695
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Aug 2022 08:22:59 GMT
dashicons.min.css
vaytientot.com/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-includes/css/dashicons.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 03:08:18 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
35110
expires
Tue, 22 Aug 2023 08:22:59 GMT
font-awesome.min.css
vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
br
last-modified
Mon, 16 Mar 2020 08:07:07 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
11671
expires
Tue, 22 Aug 2023 08:22:59 GMT
fontawesome-webfont.woff2
vaytientot.com/wp-content/themes/mts_schema/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vaytientot.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/wp-content/themes/mts_schema/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://vaytientot.com/wp-content/themes/mts_schema/css/font-awesome.min.css
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Tue, 12 Oct 2021 03:58:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
77160
expires
Tue, 20 Dec 2022 08:22:59 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
389554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:10:25 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v24/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 22:14:17 GMT
x-content-type-options
nosniff
age
554922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12608
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:15:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 22:14:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
346868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:18:02 GMT
x-content-type-options
nosniff
age
565497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:18:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:46:43 GMT
x-content-type-options
nosniff
age
484576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 17:46:43 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYWRjRdE.woff2
fonts.gstatic.com/s/robotoslab/v24/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYWRjRdE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
befc8883343cb0562be78ccd463612141f07b909ea2c19254fb444778541797c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:53:43 GMT
x-content-type-options
nosniff
age
379756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:14:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:53:43 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 20:41:06 GMT
x-content-type-options
nosniff
age
560513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 20:41:06 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:46 GMT
x-content-type-options
nosniff
age
96793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25036
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:46 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 08:44:45 GMT
x-content-type-options
nosniff
age
430694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 08:44:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149533745-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4859
date
Mon, 22 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 22 Aug 2022 09:02:00 GMT
Oncredit-logo.png
vaytientot.com/wp-content/uploads/2021/03/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2021/03/Oncredit-logo.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f499133df667c380ed5bede537af43734cb26e970389a055e6a1c8ed4c3c0d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Fri, 26 Mar 2021 03:12:03 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
16295
expires
Tue, 20 Dec 2022 08:22:59 GMT
robocash.jpg
vaytientot.com/wp-content/uploads/2020/03/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/03/robocash.jpg
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3fbbb11a1277d59e4e1e16d06b52c40329e474c168df2f9f36b38ab47bd08f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Sat, 04 Apr 2020 01:06:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
61187
expires
Tue, 20 Dec 2022 08:22:59 GMT
senmo-logo.png
vaytientot.com/wp-content/uploads/2020/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/04/senmo-logo.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7f079a1b23d9a59bf88218876062aecc796d811d94ad236cb240ebc25d36e197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Fri, 01 May 2020 02:48:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
4943
expires
Tue, 20 Dec 2022 08:22:59 GMT
atmonline-logo.png
vaytientot.com/wp-content/uploads/2021/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2021/03/atmonline-logo.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0b588d55b67f5b79bf359dbc0a91da187b927e3351380a5a01760b394e6624dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Mon, 01 Mar 2021 07:48:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
2065
expires
Tue, 20 Dec 2022 08:22:59 GMT
crezu-logo.png
vaytientot.com/wp-content/uploads/2020/10/ 		887 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/10/crezu-logo.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7d7eb11908e070812f25571fc82f0b8bddba557fc83bc8100473a25dcb0d516d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Thu, 29 Oct 2020 08:49:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
887
expires
Tue, 20 Dec 2022 08:22:59 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73ea342dd901bbb5-FRA
date
Mon, 22 Aug 2022 08:22:59 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
219
etag
W/"2f96824aee4bf927e734cc519e3e726d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Aug 2022 08:22:59 GMT
the-visa-debit-la-gi-300x200.png
vaytientot.com/wp-content/uploads/2022/08/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2022/08/the-visa-debit-la-gi-300x200.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
541aff62455f1214669ca79ae8c6262ddfba919425b6ed4e9d07071824430d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Thu, 18 Aug 2022 10:40:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
26185
expires
Tue, 20 Dec 2022 08:22:59 GMT
gui-ngan-hang-20-trieu-moi-thang-lai-bao-nhieu-300x200.png
vaytientot.com/wp-content/uploads/2022/08/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2022/08/gui-ngan-hang-20-trieu-moi-thang-lai-bao-nhieu-300x200.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ace3f4758a7a6df596d42b2355d9c9eff4aa2edbdd4e08c45abe093a3fdcedae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Sun, 14 Aug 2022 14:47:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
23011
expires
Tue, 20 Dec 2022 08:22:59 GMT
gui-ngan-hang-100-trieu-moi-thang-lai-bao-nhieu-300x200.png
vaytientot.com/wp-content/uploads/2022/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2022/08/gui-ngan-hang-100-trieu-moi-thang-lai-bao-nhieu-300x200.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
db6769cd5da74960524dc17784dce021c8df33b41b4ae6c7ac6cdfaac4e69e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
last-modified
Sun, 14 Aug 2022 11:51:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
27906
expires
Tue, 20 Dec 2022 08:22:59 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:10:19 GMT
x-content-type-options
nosniff
age
551560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 23:10:19 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56544b89de11e26ae80a5212b3387d693b1bfbaf68312e3ccc0f0b7a00382f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:58:50 GMT
x-content-type-options
nosniff
age
573849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7764
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:58:50 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYGRjRdE.woff2
fonts.gstatic.com/s/robotoslab/v24/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYGRjRdE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRoboto%3A500%7CRoboto%3Anormal%7CMontserrat%3A600%7CMontserrat%3Anormal%7CMontserrat%3A700%7CMontserrat%3A500&subset=latin%2Cvietnamese&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd88143c4fa952e23f8ea3e1d0ae8240d39ce868b6735feed80e42a4e52f276c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vaytientot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 17:09:16 GMT
x-content-type-options
nosniff
age
573223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3480
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:14:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 17:09:16 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535072256618724
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
366070d850e3a4794b086bfcda5289d0edfa9d7529507ffef3b8dbe38ae75d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122625
x-xss-protection
0
server
cafe
etag
6988080010910907646
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 08:22:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame EF76 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535072256618724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 21:54:43 GMT
etag
8616628553774171045
expires
Sun, 04 Sep 2022 21:54:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
web
onesignal.com/api/v1/sync/7dafb930-a2cc-4bce-b658-32041493bb59/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7dafb930-a2cc-4bce-b658-32041493bb59/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab49af66323d36d88516a1234f5591940fe3cedeab7ed230fbb2edd59b2ec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
26
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bdc816fa-6077-4f25-9e87-3ae2d514b8f7
x-runtime
0.024710
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"eab49af66323d36d88516a1234f55919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
73ea342e59b9bbb5-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 22 Aug 2022 09:22:59 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1969714013&t=pageview&_s=1&dl=https%3A%2F%2Fvaytientot.com%2F&ul=en-us&de=UTF-8&dt=Vay%20ti%E1%BB%81n%20t%E1%BB%91t%20-%20Vay%20ti%E1%BB%81n%20online%20nhanh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=537689379&gjid=1470257157&cid=480835072.1661156580&tid=UA-149533745-3&_gid=1189303975.1661156580&_r=1&gtm=2ou8h0&z=152784538
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vaytientot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:22:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vaytientot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.-Top-%E1%BB%A9ng-d%E1%BB%A5ng-vay-ti%E1%BB%81n-online-772x350.jpg
vaytientot.com/wp-content/uploads/2020/03/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/03/1.-Top-%E1%BB%A9ng-d%E1%BB%A5ng-vay-ti%E1%BB%81n-online-772x350.jpg
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7d2263517f3bf35e379bd487ea075201a63be42a15440a76967a31c4660f32ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
last-modified
Fri, 03 Apr 2020 03:13:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
33663
expires
Tue, 20 Dec 2022 08:23:00 GMT
7.top-5-vay-online-nhanh-nhat-trong-ngay-lai-thap-70x60.jpg
vaytientot.com/wp-content/uploads/2020/03/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/03/7.top-5-vay-online-nhanh-nhat-trong-ngay-lai-thap-70x60.jpg
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dbaf801447daffa873dfe79eb04757505a7eb1b65604a37c57db8e828a86be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
last-modified
Fri, 03 Apr 2020 03:53:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
1430
expires
Tue, 20 Dec 2022 08:23:00 GMT
1.-Top-%E1%BB%A9ng-d%E1%BB%A5ng-vay-ti%E1%BB%81n-online-70x60.jpg
vaytientot.com/wp-content/uploads/2020/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/03/1.-Top-%E1%BB%A9ng-d%E1%BB%A5ng-vay-ti%E1%BB%81n-online-70x60.jpg
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9fcc9f85ed99082478743875556c5bfea2db53f85049174b2775afed4e42bb24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
last-modified
Fri, 03 Apr 2020 03:13:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
2020
expires
Tue, 20 Dec 2022 08:23:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73ea342edae59034-FRA
date
Mon, 22 Aug 2022 08:22:59 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2660
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 08:22:59 GMT
icon
onesignal.com/api/v1/apps/7dafb930-a2cc-4bce-b658-32041493bb59/ 		192 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/7dafb930-a2cc-4bce-b658-32041493bb59/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6f6457339f56a0b2ab1b96b9f345b2eccf95da5d645840f7fcc9eacee02598
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
11
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d13330de-ae07-4995-a944-67441449d05d
x-runtime
0.010107
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8e6f6457339f56a0b2ab1b96b9f345b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
73ea342f6f9b5be1-FRA
access-control-allow-headers
SDK-Version
Tai-App-MB-Bank-1-70x60.png
vaytientot.com/wp-content/uploads/2020/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vaytientot.com/wp-content/uploads/2020/05/Tai-App-MB-Bank-1-70x60.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.252.248.26 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6cf63154197d738f8b2c2e2704d7c7a741629a8af2db27ed132d6540772c9a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
last-modified
Thu, 14 May 2020 15:36:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
6537
expires
Tue, 20 Dec 2022 08:23:00 GMT
4e07ca9f-4542-45e4-aabd-fd30b83af81b.png
img.onesignal.com/permanent/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/4e07ca9f-4542-45e4-aabd-fd30b83af81b.png
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d79ff3b1ddfa785262d3ee38a65226324dc5629a9599d434743d8461b3464e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
x-amz-request-id
S44R8MNKQFAYWJZK
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9369
x-amz-id-2
vhMHcKEQswiL3nYXTYwOIdFfWvuHvBvoeFBFjirrsc5JL4vHJegdFUMbhg0ZpgLHWLxQMVW5RjY=
last-modified
Tue, 02 Jun 2020 14:39:03 GMT
server
cloudflare
etag
"aa2c57e360232167483650eefe7d29a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
73ea342fcc14bbb5-FRA
expires
Thu, 22 Sep 2022 08:23:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=vaytientot.com&callback=_gfp_s_&client=ca-pub-8535072256618724
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
956cca09b2377bbaa1aa14bbab0215aff4665536917e6e1f49e524bc473b0622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=vaytientot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vaytientot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 08:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fvaytientot.com%2F&tn=DIV&id=onesignal-slidedown-container&cls=onesignal-slidedown-container%20onesignal-reset%20slide-down&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:22:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 80FA 		10 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&adk=318159125&adf=2184669829&lmt=1661092104&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvaytientot.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156579534&bpp=2&bdt=1036&idt=281&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2289304363285&frm=20&pv=2&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa160ed97504d3bd1afaa99be4f177abf0381dfd0f54cf93626b75b546ca69e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
1094
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:22:59 GMT
expires
Mon, 22 Aug 2022 08:22:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-8535072256618724&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220817_103741&sat=1661006727822&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.166&allp=28&fd=(0%2C16%2C2)%2C(1%2C10%2C1)%2C(2%2C0%2C0)&pgh=2269&abl=false&rr=n&su=vaytientot.com&pvc=840614836778044&r=0.1&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019
Requested by
Host: vaytientot.com
URL: https://vaytientot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=vaytientot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 08:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vaytientot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 08:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4AD2 		97 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6817a3afa907705b92f71ef6409159005e8651a0f8192f86b1cc814ff2c3774d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34787
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:23:00 GMT
expires
Mon, 22 Aug 2022 08:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BFD 		124 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9f5b8f186ba9c79d79dfdc0b529c850501f51d1689dc636e730f6ffb6676c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46568
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:23:00 GMT
expires
Mon, 22 Aug 2022 08:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 2BFD 		8 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400|Roboto:300,400,500&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f664361b1e27cef1788d8e0630b9700875a97ddb41af4b4b9ae896365bf24385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 08:23:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 08:23:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 08:23:00 GMT
css
fonts.googleapis.com/ Frame 2BFD 		8 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400|Roboto:300,400,500&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f664361b1e27cef1788d8e0630b9700875a97ddb41af4b4b9ae896365bf24385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 08:23:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 08:23:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 08:23:00 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2BFD 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14051
x-xss-protection
0
server
cafe
etag
7443058143385388256
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 08:13:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BFD 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 08:23:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 2BFD 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 07:24:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2BFD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 07:28:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2BFD 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 08:06:03 GMT
l
www.google.com/ads/measurement/ Frame 2BFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyam74FnkHZa1Sf-eKc682dPWgEDPKsMRX3vdxkKlAx2sJT4pXYnrZAUr4nqBmYHbwr-roREuNIa6wYl1NaKXHhAzM9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 4AD2 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 07:13:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 08:23:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 08:23:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4AD2 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 07:59:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 4AD2 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 07:24:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4AD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMx7q5DwDY_PfBpff6wSC_rjgB8DarYFrjd6a9NAL3Yynva0CEAEgjMrke2CV4pCCoAegAY7N7soDyAEJqQIAtgNRItewPqgDAcgDywSqBMwBT9AKG5XKyGA9uZGMe1Sp2P8zF_TpWTEHLxOiZbc7wJVEO3Hhuu-gyB0Yk2BfdsWnvRShmT4vKF8JN9Q3GLzfDWdlMdXKVayTX9RF78Qkt5-FNf7Md_7icSZR8Mbuqp3YGmS2y9UC4xEWeQtp6lLl6xMD3Dy4bRVgJHUTyNG45VC1Ux6AYAA4QkYczh1QsgLtOKHI4j19Zr438X__Ge4HfKwNGABU7reGz1CvGRaRZDX0XLimRfQlXdWW3iRnO93wn6vG5TffQnnZFIvuwATfwbrhhwOSBQQIBBgBkgUECAUYBKAGLoAH2rKRNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPjHAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTM1MDcyMjU2NjE4NzI0GAA&sigh=riaR-t6RwbY&uach_m=[UACH]&cid=CAQSOwCsnQUxIh1gVakQptLTkUWZUCt3KbVhDqN-k_cwX4Zbxk7aGRJBd9GMaN5xyMR9x7jsfi2VkxQyzvjxGAEgDg&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 22 Aug 2022 08:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4AD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 08:18:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4AD2 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 08:23:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4AD2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 08:06:03 GMT
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 4AD2 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 15 Nov 2022 22:39:22 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15806569776867593490/ Frame 4AD2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15806569776867593490/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9e9fe1301cf9aba41ea5bfdca3fc39261d3fc12750573b23db6585dd4b37b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 13:48:42 GMT
x-content-type-options
nosniff
age
412458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11676
x-xss-protection
0
last-modified
Sat, 18 Apr 2020 22:04:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Aug 2023 13:48:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11130673128485582884/ Frame 4AD2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11130673128485582884/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296972778a6384a9193881f3a684ed58e4ece38878551ca68a8c730b714845d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 15:56:17 GMT
x-content-type-options
nosniff
age
577603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8157
x-xss-protection
0
last-modified
Wed, 12 May 2021 09:24:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Aug 2023 15:56:17 GMT
2728354180183721846
tpc.googlesyndication.com/simgad/2310174121080484452/ Frame 2BFD 		879 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2310174121080484452/2728354180183721846?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIRRBFGAEgAS0AAAA_MEU4RUUAAIA_&rs=AOga4qlFJgNUbUtUWz1BpB1x3lrknKhu9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b30144a09ceaed33cc41a2a2b9c0cd99928754807b74f49526ae34124d55be5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
879
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 04:33:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 08:23:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2BFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C68uJ5DwDY9jHB8Xn6gTop7roAZ2Oh-pr4rLBuLEQoZCsvbIJEAEgjMrke2CV4pCCoAegAemIhsQDyAEGqQIAtgNRItewPqgDAcgDywSqBMkBT9D6-iCzhEZBYvC7bdMXSQ6cGIYOaxxi4G575tEQWfLyiV3R36N3OOdyZmkczzzsAivX9Y4UjjheFVOs9oe464a2Pr7oF3UL_tpc6Ol6iLmA8p2_fIfHFtkrom8OMMB5YVsw0OF7YMfzNgCXrRGdl_feliXOyZlpcYrpIL2Jp1-ANS-LXdN7u9uCG_c3MN-Tm0y3lSQ9kCO1KnHIjFcEh3vbFp8XwyGJH6WIfKES4-i-QVfhZ18r6SANF1_gw3m_86ZCwaxEhyKHwASgnba78AOSBQQIBBgBkgUECAUYBKAGN4AHzZ7vMagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEJyAtQXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTM1MDcyMjU2NjE4NzI0GAA&sigh=BNnENCxHzLU&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 22 Aug 2022 08:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2BFD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Roboto:300,400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
389555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:10:25 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 2BFD 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Roboto:300,400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:53:06 GMT
x-content-type-options
nosniff
age
361794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 03:53:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3639 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8117 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 08:11:17 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 17DE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2BFD 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44997613c538d76e3bc910af59b8f1157ad0fa56481a1f993a0f2bdd0a59d1d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4AD2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f65796d0f18a60d8190c57c305e131c558dff459dd14e11e808e410f11df2422

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 3639 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOuIdetEs1GCglxpRd7KQew&google_cver=1&google_push=AehlK4Bjbl_1Ty1Wqs9IbOnln9JhL-AEosyDRT2zOhRmLDw6N9cd5lxcGJYgQBNQ8-liUmcAxiUMppbJ-K0HZGYIRyXm1uHxGjk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3639
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4B5qZ1k...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4B5qZ1k...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjIwODIzMDEwMDAyODUxODA1ODczNg%3D%3D&google_push=AehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjIwODIzMDEwMDAyODUxODA1ODczNg%3D%3D&google_push=AehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2NrnguknFviu2aKLtu32TlVvWguVQ
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjIwODIzMDEwMDAyODUxODA1ODczNg%3D%3D&google_push=AehlK4B5qZ1k8arZ41YA4VoaWVa-XcJ0C-WesgxbF34x96AKv4SDcc-UAf0hpQd1L8USI2NrnguknFviu2aKLtu32TlVvWguVQ
pragma
no-cache
date
Mon, 22 Aug 2022 08:23:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 22 Aug 2022 08:23:01 GMT
sync
odr.mookie1.com/t/v2/ Frame 3639 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHgC3rQRIYkIxw_6ueufm5w&google_push=AehlK4Dpo5PIKcHtBNpw_6dW8ROISaLOCCL6k8jjSZGvzg2cJHZU0-gQO7AnXIDOKR524wg6Ij-r5p43hMEv7pKrzLryenJlpZg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 3639 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEINjjo9pO8r-cHK2gm3dI6Q&google_cver=1&google_push=AehlK4B6MVvdbGPO_Dh-plsWTt0UbXiYFpEgb9XMe1a6Lns9grdYVP7Xry3FVart66bZlB0G0fY9e4-kp67T5uaL0qH5ynJIww
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ncct8hjju1c6s0nucnvttbbc843k6ejh
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3639 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFet_7R-kHfXoU4PFSfBmk0&google_cver=1&google_push=AehlK4B-NVElcInOEdoo8aAMKlRs3MRGdqmztuUQ_hAXAna6Jc_zDBc5QWvUJQxm32yttVHO_4pfjKCFyoRu267y2Yyej3uoyWE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3639
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELzJpAW2kDOmivdSo6u1Eqk&google_cver=1&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMEgtMjUtNFZTNQ==&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDmSJDYogxDJ8WPGs8GB1jx_UGY
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMEgtMjUtNFZTNQ==&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDmSJDYogxDJ8WPGs8GB1jx_UGY
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMEgtMjUtNFZTNQ==&google_push=AehlK4D-1cLIja2pT8QmNHjtQGx5D2J91lADYhI6R7kESwiWTN6vdh5lxbwRrMUgV6fSkxlTYDmSJDYogxDJ8WPGs8GB1jx_UGY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3639
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPwJpLpBqNVwWZTamohtb3R2-Jd6Vdk1EgUdN29_x2emaHatQ0CYlHAjK8-AJGHCE
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu0EHO%2BKnJyAGr4C1XNrZV2hQvhWPunvUQI2xyUUexAAHpJROpjMQ6d3QUQwiZ9f7ZUkuwxOLS1ruhhX%2By1zx5dz1aSTjiYzRAUAYwwToaHv0jKC7DqSj1V9tb2MDxvLzb4fxsSNrL5gHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHT1_zSiCzMjEf57KtE9Er4&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4C3T5WlS8lgEwP9kOoMgQy-rnGzxKWPwJpLpBqNVwWZTamohtb3R2-Jd6Vdk1EgUdN29_x2emaHatQ0CYlHAjK8-AJGHCE
cache-control
no-cache
cf-ray
73ea34366d9a9142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 3639 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IfkKEG_X0CITLImxGJMYb44M-fGeGqPr6gIWpptKt17b8VFtOGRJEVRqEis-RZkjhLCZpy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AD2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
592543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 11:47:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AD2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
96799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AD2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
346869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:01:51 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 02DC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=280&adk=3610921502&adf=1016305667&pi=t.aa~a.2198856842~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661092104&rafmt=1&to=qs&pwprc=9487103438&psa=0&format=1200x280&url=https%3A%2F%2Fvaytientot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=2&bdt=1558&idt=-M&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0&nras=2&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hgUGkD9FcR&p=https%3A//vaytientot.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 07:24:33 GMT
pixel
cm.g.doubleclick.net/ Frame 17DE
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDT2l8ajtCQkgL7opMEvfH8&google_cver=1&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJy...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJyl9Y4Bfep_zr5sBvPaFbD0FgsGUJpjVTU9LpS1QXIc&google_hm=X2O6TFUZIZzqU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJyl9Y4Bfep_zr5sBvPaFbD0FgsGUJpjVTU9LpS1QXIc&google_hm=X2O6TFUZIZzqUxM7orF8uw
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A0WifN2H0Dfy6e2aC81RRrxYpSJ_hYAXLtIgstX0D2AHBNsKOcJyl9Y4Bfep_zr5sBvPaFbD0FgsGUJpjVTU9LpS1QXIc&google_hm=X2O6TFUZIZzqUxM7orF8uw
pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 17DE 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4B2FmDZzQndb0pdjGRlsJ9azRuHH93F_LxtmkJRr6v-lH4-SNiDoS7aWSdF8KbwefJSvci88NuflidMDvV4UvL5nhQg8Q&google_gid=CAESEFNoIFlSFvouL0t7tTUZ28U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 17DE 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGFjr2ELd8RGS8hm9Ajo5b4&google_cver=1&google_push=AehlK4BuZSZ4aT7TbOOhJC6VK2hNf2dwPmBmADaLDXSmLwTCJKqYfNYwzJ3IsRo5KdQ5U6m2OC9QPdEEnc9MqHLX3oy4IB20EpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2rqpv1uoebdj227cagur6m11e1jah4hn
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 17DE 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMhR0Hg94RIRoPEPWtYAPcs&google_cver=1&google_push=AehlK4Dy0k7ceiewSp6AMqnUwQsTV5ESVmYToHnjI4M6pVmcjFJYEtxPlf62Wl4asxyOPy6AgdrBoRg3xwMbDXpnleWccdCXYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 17DE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE0_i8BWeOSkBPgA1K-xPAo&google_cver=1&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTB...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMFUtMVEtNUdWSw==&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTBzrsivSwdv0UJ_Vu6zyIaVHg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMFUtMVEtNUdWSw==&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTBzrsivSwdv0UJ_Vu6zyIaVHg
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0SFFMMFUtMVEtNUdWSw==&google_push=AehlK4Bew4LloN83oG6otOVaRa2ZpX-TOtYRqYdHQexS2DYlHCFe11Dx5YOoqJVJbqJNaDR2pTBzrsivSwdv0UJ_Vu6zyIaVHg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 17DE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-myxv7DSSgPLDx44UKcI-zryso_2bJBYUF_CzdGSQdV3cUBoUCo4Nso8xe2ROGE
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF5r8BnGlo2PcjVvaWCg%2BJm%2FgHSrR0qu6ygxH9pW%2Brn75tGfVkoS3hAtvN4kEQowaq4N%2BfoJ4dsr%2FZW96rYnPJnm0ZZtJmCFGVz85GnyV8fdA%2Fuq5M7rLuuMFZUD4bIxHdZumA1iTMmxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOPmD1N2LiEcdUxFebATW2g&google_hm=YwM85EZ7W9BZdK0KblcCogAABFEAAAIB&google_nid=index&google_push=AehlK4DEaC3bnok5X5xI1IJMKJqJtS8iF9wZ-myxv7DSSgPLDx44UKcI-zryso_2bJBYUF_CzdGSQdV3cUBoUCo4Nso8xe2ROGE
cache-control
no-cache
cf-ray
73ea34366d9b9142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 17DE 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHDpO9BaBvwMcTTIy6YVTM4&google_cver=1&google_push=AehlK4A0xFS5YtmY2hgS2gNm_-NIjmBeh6_VkcZ7ZKaRhJlRAB18wSIBPKeXGCAqEvzzDPCf8uF4qka1qgokAQoH2744ymAtKpY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 08:23:01 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 17DE 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Loc34HzbYAtfFNfUghGPj9tc6GHghsIDVHtzOTeDA2X55xEX3q97yBN7AWSjVc5hSBOVH9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d75766e7a9d8e4d00d13ef0a07e268e18b32a7ef508cea1e74910e183b6e37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 08:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11164
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8117
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:23:00 GMT
expires
Mon, 22 Aug 2022 08:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:23:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 3116 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535072256618724&output=html&h=96&adk=4105439127&adf=3646346966&pi=t.aa~a.2041912670~rp.4&w=300&lmt=1661092104&nsk=320008e2&rafmt=11&pwprc=9487103438&psa=0&ad_type=text_image&format=300x96&url=https%3A%2F%2Fvaytientot.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661156580056&bpp=1&bdt=1558&idt=1&shv=r20220817&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D73b85a8c76224d12-22a2fa3efccd00bc%3AT%3D1661156579%3ART%3D1661156579%3AS%3DALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2289304363285&frm=20&pv=1&ga_vid=480835072.1661156580&ga_sid=1661156580&ga_hid=1969714013&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1056&ady=1215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069028%2C31064019&oid=2&pvsid=840614836778044&tmod=212149288&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=CvQ0p5CD3X&p=https%3A//vaytientot.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 07:24:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535072256618724&plah=vaytientot.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 08:23:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CEA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3314
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 07:27:47 GMT
expires
Tue, 22 Aug 2023 07:27:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 007E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf8965ca9cd1e5e11b2d15eca51a09404b9aae7ea71e42c9d6215c79d6abfa5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ra8yZWGIVBXDUpaFvf3v5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vaytientot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ra8yZWGIVBXDUpaFvf3v5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 08:23:01 GMT
expires
Mon, 22 Aug 2022 08:23:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 8CEA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 07:24:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 007E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=840614836778044&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8CEA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?svt-lQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=840614836778044&bg=!IyClIGTNAAYUOm8VNDo7ACkAdvg8Wha0eFzqmpq4GXDymAlt6hxngQZOoGI8Jbc5IatwZOOGZ8Cy8QIAAABSUgAAAAJoAQcKAGVN5oTVhGhrRrEXSxtI8GsgebZ5fjjndzRJJIpJuEt41oxyluo5bOl8wCmFu8qwJ3LYoll9SEo5hB_NGLeeRpJm0Kn7Sa-6VvEBEX_0fHO0yEutR5TiSxhWD5MPdJmqByRP-jNIlpkC-zIST6t5IF8wrYD-vqWfqjM3hgSKOoYv8PHLCBkke-kT043KunKM0n_hPHuLV43Q6UsZhOxv-lajI_Uj9AnwwAmhwvkjMcdgRvBMAg4ArAqLZf7v6616kdVHq0E--v3kCaesL1siMcS6zvXw3oi6DFTM4wcRIDXx-_AmQCpJxt3tHGVChDS7qTvqmDW8k8q2uMNt51w_n7-DTad-aD_D8dmAiOZ9oyr7mtJVRn5VgHQdEkgcE5ZvU3kC7IajqvTQOE02Rp5es1EE-UPxd46c3BS0PCswtvS0vnqzUyyguXI4QpdpZI7qVBUeqgIxKjufiYBeDgpe_jZsxBKhTvT4tdLZYI55fEyz6hiWdSBbYxXH9BhYZ5mieWaDLi0h5kcBDekBB6C1fnW-OgyFzIIe7SEHTsm5KbDEUqzXjyY2ZlocO274oyY0V-fRnEt6E9zvJq16I_Dm7J66s2fiR_-UY4ZvUvsr9Y1z-YUzVlV3VHn22W0vGGeMY8KujjyE_5JcKVuGrnoy68ERkQFYDkDDP7XWpAsrOYTxBfREJrLC9-wZfRe7p0l0g7cBdPnL2UTF_I6qndKKiZutbIkGKlojlBhf9GqgvJAvelQyoIRy2ui03_yp58Mi-ZD2a_zK7jqQbZFYHWQxzRjpxqle_fdg0c2ajhxLql__DMF6sBBA0XWB5zE9x3pkvZfSwKIAgVDiWkn55p_d1NKtFBRMVFSNnOr6dq-MhyUdg-iSGIilCuBgf7c3X1L8t3HXjQ4_vjREt-Zv9cG7V0ni9ReKyS69HW6dSuTVcYUO08-gLC0wz2kV5W9ngLSF4Docvbor1UU5ncTaA9tOCe4-kfzy6Vvfdrqg1KLzra4lm83keTtC8nN1gjOjo5oBFeil0FExV8ZCxXNJkKXND7CZkCOyCRZTCSb9UMpvvDtXtPVg-uAlfddXydRw2243dRQYD1yONNMmFaml6P_3vlhIxa8z64-x75wttbh8r3wt2M5k25GJ9kBbPMMckAvfS_7Y2Y0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vaytientot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
7.top-5-vay-online-nhanh-nhat-trong-ngay-lai-thap-772x350.jpg
vaytientot.com/wp-content/uploads/2020/03/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vaytientot.com
URL
https://vaytientot.com/wp-content/uploads/2020/03/7.top-5-vay-online-nhanh-nhat-trong-ngay-lai-thap-772x350.jpg

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery function| gtag object| dataLayer string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext undefined| e function| documentInitOneSignal function| OneSignal undefined| timeout_result function| show_wpcp_message function| hide_message object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| kk_star_ratings object| tocplus object| mts_customscript object| slideropts object| mts_ajax_search object| lazySizes function| fnDelay object| paceOptions object| Pace object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint boolean| mtsRTL function| EventEmitter object| eventie function| imagesLoaded number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| $header object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| google_lpabyc object| googletag object| GoogleGcLKhOms

22 Cookies

Domain/Path Name / Value
.vaytientot.com/ Name: _ga
Value: GA1.2.480835072.1661156580
.vaytientot.com/ Name: _gid
Value: GA1.2.1189303975.1661156580
.vaytientot.com/ Name: _gat_gtag_UA_149533745_3
Value: 1
.vaytientot.com/ Name: __gads
Value: ID=73b85a8c76224d12-22a2fa3efccd00bc:T=1661156579:RT=1661156579:S=ALNI_MbfPY3ptDZZhhwhUGhKo20RYvkYeA
.doubleclick.net/ Name: IDE
Value: AHWqTUky5kLsVbf9U8neSk-gt4pnEmhN6EfyvN3Velmzri9AZFtOj1LgYCzQERwqbbw
.quantserve.com/ Name: d
Value: EEsBCQH1JoEA
.quantserve.com/ Name: mc
Value: 63033ce4-c4aa8-1ef30-09ab9
.casalemedia.com/ Name: CMID
Value: YwM85EZ7W9BZdK0KblcCogAA
.casalemedia.com/ Name: CMPS
Value: 1105
.casalemedia.com/ Name: CMPRO
Value: 1105
.casalemedia.com/ Name: CMTS
Value: 1131
.doubleclick.net/ Name: DSID
Value: NO_DATA
.innovid.com/ Name: uuid
Value: 12c4c2b1-5fb7-4a2c-80a2-62771d033ceb-20220822 04:23:01
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022082208230100028518058736
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 63033ce5b0c6fbfe
.addthis.com/ Name: ouid
Value: 63033ce500019101d761f0f0a516b9829c3efe517f60003ef656
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220822
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4B2FmDZzQndb0pdjGRlsJ9azRuHH93F_LxtmkJRr6v-lH4-SNiDoS7aWSdF8KbwefJSvci88NuflidMDvV4UvL5nhQg8Q&google_gid=CAESEFNoIFlSFvouL0t7tTUZ28U&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
images.dmca.com
img.onesignal.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
proof.sudo.vn
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vaytientot.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
vaytientot.com
103.83.156.4
104.18.19.126
151.139.242.29
172.217.16.194
172.217.23.98
185.64.190.78
2606:4700::6812:e234
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
34.98.67.61
35.227.252.103
35.244.174.68
45.252.248.26
69.173.144.165
69.192.160.219
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0b588d55b67f5b79bf359dbc0a91da187b927e3351380a5a01760b394e6624dc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d75766e7a9d8e4d00d13ef0a07e268e18b32a7ef508cea1e74910e183b6e37d
16741fd1463c6864f31f7db56d6f3943c21d8f4c94b540a7267c4a9d5b514748
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
296972778a6384a9193881f3a684ed58e4ece38878551ca68a8c730b714845d1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2f37ce44bf99fb698922425abd8d6898851b1ce3ada24a679046ba4b0a2da7e5
366070d850e3a4794b086bfcda5289d0edfa9d7529507ffef3b8dbe38ae75d17
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3fbbb11a1277d59e4e1e16d06b52c40329e474c168df2f9f36b38ab47bd08f50
44997613c538d76e3bc910af59b8f1157ad0fa56481a1f993a0f2bdd0a59d1d7
44f4185231397d25123c57cddc8adf29fb9559dd58548286954b2042a5865b27
4abb7aa5439849a3cddb4085a9c39b6ef0a54da587c675c4cb4e9887974e5642
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541aff62455f1214669ca79ae8c6262ddfba919425b6ed4e9d07071824430d0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56544b89de11e26ae80a5212b3387d693b1bfbaf68312e3ccc0f0b7a00382f5d
565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b
567373119fe7f49f4c45885d7e39dad004c637a51da92184ad62ac6bef67847c
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5dbaf801447daffa873dfe79eb04757505a7eb1b65604a37c57db8e828a86be8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6817a3afa907705b92f71ef6409159005e8651a0f8192f86b1cc814ff2c3774d
6abba1c5cd542f8f5d4b9561b3315f05ff018a2647f216fbf6ac2002aca567cf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf63154197d738f8b2c2e2704d7c7a741629a8af2db27ed132d6540772c9a30
6da593bb41278863238449ee446ac7a689c10718f2351833aa9e6f1575c3ac21
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7d2263517f3bf35e379bd487ea075201a63be42a15440a76967a31c4660f32ee
7d7eb11908e070812f25571fc82f0b8bddba557fc83bc8100473a25dcb0d516d
7f079a1b23d9a59bf88218876062aecc796d811d94ad236cb240ebc25d36e197
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ca4ba3e07d3f5cf312d5f6eb336815d9563c351f145fae9cf93ba2a0e69913c
8e3f3aaf02f3bf0ba23a4d6ad52fca91d55f37c524c86dd08edc6091c792a51e
8e6f6457339f56a0b2ab1b96b9f345b2eccf95da5d645840f7fcc9eacee02598
956cca09b2377bbaa1aa14bbab0215aff4665536917e6e1f49e524bc473b0622
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
994e38c6dc8e7aa59f36f2920b2f9ec932c8c4f0d480e92e8a3ca227cce80a96
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fcc9f85ed99082478743875556c5bfea2db53f85049174b2775afed4e42bb24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a683c4022892de46206f559065e02e236fc3fcd97d67757048355ffcad861bc3
a9f5b8f186ba9c79d79dfdc0b529c850501f51d1689dc636e730f6ffb6676c82
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
ace3f4758a7a6df596d42b2355d9c9eff4aa2edbdd4e08c45abe093a3fdcedae
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
b1537fcf4042931c87cc64dfd2cf757f695975c38bff1d3b93f45b0e3ce844bc
b30144a09ceaed33cc41a2a2b9c0cd99928754807b74f49526ae34124d55be5b
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b84ee65602c75ea856b3934dd36fa2827eb13d73053d538ebf3944388d21c7e1
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f2176a2375283b5a4eb0f0a8c3b9fe06ed51f6e8ba012a54c5a408d0c0b38
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
befc8883343cb0562be78ccd463612141f07b909ea2c19254fb444778541797c
bf8965ca9cd1e5e11b2d15eca51a09404b9aae7ea71e42c9d6215c79d6abfa5e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cc9f6291cfc03113674785482af3429df3c586dfe92789b84588d2df668caa20
cd88143c4fa952e23f8ea3e1d0ae8240d39ce868b6735feed80e42a4e52f276c
ce67c2e4e9b4e71a27e764dc1694ddd49032e312059a29d99865bfc357f5bf50
cfdbe855d739cb037a1908fc906bdb21d53cae36b85a6b28d61600f18a6f11cf
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d2d79ff3b1ddfa785262d3ee38a65226324dc5629a9599d434743d8461b3464e
d51cae5e2771a8e657297a4910f8b3444719ddef364a4131d919c2b56e84877e
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db6769cd5da74960524dc17784dce021c8df33b41b4ae6c7ac6cdfaac4e69e0b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
e3e72d86ca00f3264b091a2d9337ca52eadf912c3fe781131fd90897802323fb
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
eab49af66323d36d88516a1234f5591940fe3cedeab7ed230fbb2edd59b2ec87
ed9e9fe1301cf9aba41ea5bfdca3fc39261d3fc12750573b23db6585dd4b37b4
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f499133df667c380ed5bede537af43734cb26e970389a055e6a1c8ed4c3c0d74
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65796d0f18a60d8190c57c305e131c558dff459dd14e11e808e410f11df2422
f664361b1e27cef1788d8e0630b9700875a97ddb41af4b4b9ae896365bf24385
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
fa160ed97504d3bd1afaa99be4f177abf0381dfd0f54cf93626b75b546ca69e8