vncare.net Open in urlscan Pro
103.229.193.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://healthcare247.asia/
Effective URL:
https://vncare.net/
Submission Tags: phishingrod
Submission: On April 22 via api (April 22nd 2023, 5:35:34 pm UTC) from DE — Scanned from DE

Summary HTTP 173 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 38 domains to perform 173 HTTP transactions. The main IP is 103.229.193.244, located in Viet Nam and belongs to VIETNAMHOST-AS-VN Masters Technology Corporation, VN. The main domain is vncare.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 8th 2022. Valid for: a year.

This is the only time vncare.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.229.192.200 103.229.192.200	131404 (VIETNAMHO...) (VIETNAMHOST-AS-VN Masters Technology Corporation)
1 17	103.229.193.244 103.229.193.244	131404 (VIETNAMHO...) (VIETNAMHOST-AS-VN Masters Technology Corporation)
7	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	103.138.88.36 103.138.88.36	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	103.138.88.65 103.138.88.65	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	2606:4700:10:... 2606:4700:10::ac43:ebf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.77.162.8 103.77.162.8	45544 (SUPERDATA...) (SUPERDATA-AS-VN SUPERDATA-)
4	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:d2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	118.69.83.90 118.69.83.90	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
28	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	89.207.16.204 89.207.16.204	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	18.198.72.223 18.198.72.223	16509 (AMAZON-02) (AMAZON-02)
1 11	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	52.59.49.11 52.59.49.11	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.38.23 3.124.38.23	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:be27:41a2:27d7:366f	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:cb45:3ea5:a730:a682	16509 (AMAZON-02) (AMAZON-02)
2	35.213.167.91 35.213.167.91	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
173	41

1 103.229.192.200 (Viet Nam) 1 redirects

ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN)

healthcare247.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 103.229.193.244 (Viet Nam) 1 redirects

ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN)
PTR: static.vietnamhost.com.vn

vncare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.138.88.36 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

thammyviengangwhoo.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.138.88.65 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

xmebeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:ebf (United States)

ASN13335 (CLOUDFLARENET, US)

theme.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.77.162.8 (Viet Nam)

ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN)
PTR: alia.thonetvander.vn

angelbeauty.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d2e (United States)

ASN13335 (CLOUDFLARENET, US)

widget.subiz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.69.83.90 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

vcdn.subiz-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.16.204 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.72.223 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-72-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.49.11 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-49-11.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.38.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-38-23.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:be27:41a2:27d7:366f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:cb45:3ea5:a730:a682 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.167.91 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 91.167.213.35.bc.googleusercontent.com

api.sbz.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	471 KB
24	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	167 KB
17	vncare.net 1 redirects vncare.net	500 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 763 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652 csm.eu.criteo.net — Cisco Umbrella Rank: 6433	234 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	219 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 x.clarity.ms — Cisco Umbrella Rank: 9293 c.clarity.ms — Cisco Umbrella Rank: 1901	27 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	243 KB
5	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	314 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	109 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	3 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727 ads.eu.criteo.com — Cisco Umbrella Rank: 6413 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248	46 KB
2	sbz.vn api.sbz.vn — Cisco Umbrella Rank: 113309	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 3496	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	505 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	207 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 413	742 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2258	297 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	716 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	545 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	464 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 12051	668 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	519 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1646	213 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	758 B
1	subiz-cdn.com vcdn.subiz-cdn.com — Cisco Umbrella Rank: 166731	35 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	602 B
1	subiz.net widget.subiz.net — Cisco Umbrella Rank: 157310	740 B
1	angelbeauty.com.vn angelbeauty.com.vn	824 KB
1	hstatic.net theme.hstatic.net — Cisco Umbrella Rank: 128944	11 KB
1	xmebeauty.com xmebeauty.com	29 KB
1	thammyviengangwhoo.vn thammyviengangwhoo.vn	13 KB
1	healthcare247.asia 1 redirects healthcare247.asia	186 B
0	vietnamkhoemanh.vn Failed payment-api.vietnamkhoemanh.vn Failed
173	38

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	vncare.net	1 redirects vncare.net
15	pagead2.googlesyndication.com	vncare.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	cm.g.doubleclick.net	1 redirects vncare.net googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net vncare.net
9	static.criteo.net	ads.eu.criteo.com
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	vncare.net googleads.g.doubleclick.net vcdn.subiz-cdn.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.googletagmanager.com	vncare.net www.googletagmanager.com www.google-analytics.com
4	x.clarity.ms	www.clarity.ms
4	www.google.com	vncare.net googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com vncare.net
4	cdnjs.cloudflare.com	vncare.net cdnjs.cloudflare.com ads.eu.criteo.com
3	x.bidswitch.net	3 redirects
3	pm.w55c.net	3 redirects
3	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.de	pagead2.googlesyndication.com
2	c.clarity.ms	1 redirects
2	api.sbz.vn	vcdn.subiz-cdn.com
2	a.sportradarserving.com	2 redirects
2	sync.teads.tv	1 redirects vncare.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google.de	vncare.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.clarity.ms	vncare.net www.clarity.ms
1	c.bing.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	vcdn.subiz-cdn.com	widget.subiz.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	widget.subiz.net	vncare.net
1	angelbeauty.com.vn	vncare.net
1	theme.hstatic.net	vncare.net
1	xmebeauty.com	vncare.net
1	thammyviengangwhoo.vn	vncare.net
1	healthcare247.asia	1 redirects
0	payment-api.vietnamkhoemanh.vn Failed	vncare.net
173	52

This site contains links to these domains. Also see Links.

Domain
www.huggies.com.vn
www.kiehls.com.vn
reviewdep247.blogspot.com
www.eucerin.vn
vitaclinic.vn
chamsocmevabekhoemanh.blogspot.com
bomevabe123.blogspot.com
maps.google.com

Subject Issuer	Validity	Valid
vncare.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
thammyviengangwhoo.vn R3	`2023-04-22` - `2023-07-21`	3 months	crt.sh
mail.xmebeauty.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
angelbeauty.com.vn Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.subiz.net GTS CA 1P5	`2023-03-03` - `2023-06-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
vcdn.subiz-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-17` - `2023-06-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
api.sbz.vn Sectigo RSA Domain Validation Secure Server CA	`2022-08-15` - `2023-07-19`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://vncare.net/
Frame ID: 59EE432410294A72F6D3B0021B444E09
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 80BDD71259EE41EC08FAC534D6706FAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&adk=1812271804&adf=3025194257&lmt=1682184926&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fvncare.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925931&bpp=8&bdt=1492&idt=223&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8730483438130&frm=20&pv=2&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: 84FA236D71E60A23373FFAA3E9FC18AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=4005066663&adf=1406287981&pi=t.aa~a.2766582420~rp.4&w=611&fwrn=4&fwrnh=100&lmt=1682184926&rafmt=1&to=qs&pwprc=7526812580&format=611x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925939&bpp=2&bdt=1500&idt=250&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=774&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PQF4HF3OeQ&p=https%3A//vncare.net&dtd=252
Frame ID: 2D983121753D2DFF5A39D95F1187B170
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEQa3gAEa7wKZI_NAA92afgjRwN5oNJRVd4-fQ&u=%7CRfdDaCXg9%2FKPdkzn8uOhZ4JhQIXfGh1Oea2MUn2Qgro%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANQlcZipce-sX-bSNEBZGrk8wNAiI2feBvD_jRN-vBihZcAGksnJDfvmqvBonnuuhwkPgm8LVhJ-TWWN9IGiudcVpFD8siw0Yi7ydlnM2pCJK-pQb0lG7KwugzzAA11v6DUo4EgP2W3z_-sGoVdWb3wvO9AoUqb7Ue1ch3cu5lXuGE5KVoymwxUjE9YBi-3PDvnKQqeuLVzVvybmoW-jaCdNQYx522TTDLSKIz0pNde55Cn6yWz1ncWgBfdhHWOQFpx26cc3KB7QylnZD2Qss_tJOw0odPftpnkKX4Rrgx24XC_QokRqTQBMoB7fbeo2UrpqxbISSWUOfGSJhlmeRhB7SrhPQ2mNn3D_G2iHr7wqHkTybvtWhAvSsq8yHbYOo0yGiDcSpg51FhAOwamI3TwiNU_dpNlhWsezEVsaaA3yKNB9y5beFlRMfztLztMsSPFliOOSO_TM_65cTehnTtb8VLvoTiv5AbhRaEwD2gtBrTRSL76AYnlW1eSUtX7nhI3l5msliI6E7cre2xPEKb-nhCO7jigs6Qn9bQep9BCcY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGlfb3hpEZLzXEc2fkgPp7L2YCMme0rFczaOW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTU4MTg2ODI3MDg5OTgwNsgBCakCb2R0VzBusj6oAwGqBLkBT9BEfRcdRWi22EV2237hruPpiNEBPAGMxre0ZrU-LPugV6H6Q0l53zdN0I4qYdnQZeyUJNT-pmy0GHAOHfshUSL8ZPRe43FiAL-DbFpDV1IcKy49MgxRyTk1kPzNZDCEhuktPoBNnQzI610ykS1r0mz1ZMLJKzaB6T4jFHbF9CXasgGHZw0X1JfbUROOLE8JCJIiPV8xVLoOrjWINNgfyogkQQ0L7siGpit5W66rj1bVnqo1f4plhliABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XGoEiGY2CJLQbZ1pPkRndLL_e3Q%26client%3Dca-pub-5581868270899806%26adurl%3D
Frame ID: 5D1228A9CA0D76B8C5E6C64F89DAD313
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81
Frame ID: C7919A88742A60F560D2E922A642AF81
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87
Frame ID: FC69554675D265054953942077E6B83D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 35D4489092D6C75FD87C500398CA9E7F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: FC4D8C5A838CB8C5276106A2CBD3F8EA
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 27861E1C21448C76DDE692571429BDAE
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: B868CB52CF0E4B5D421595A8978D6D23
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 7C326FD7D7347EF1FABBA38DAB27E41C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3484BE46CB032E9F3B2DAF4076E6C049
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 1B40770B4161DC04D534186F37BB9026
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7FB555A0A2F823F0613EACCCA7827A4D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: AA47733E780022C8B3BA4711AEF6580E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A8BEFA29DCC401F68EB8DC244FF9BE0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F17C205AC50C9E725E5A163C1E4B8CBA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VNCARE: Tìm Bệnh Viện, Phòng Khám, Nhà Thuốc, Tin Tức Sức Khoẻ,COVID-19

Page URL History Show full URLs

https://healthcare247.asia/ HTTP 301
http://vncare.net/ HTTP 301
https://vncare.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

173
Requests

94 %
HTTPS

58 %
IPv6

38
Domains

52
Subdomains

41
IPs

9
Countries

3275 kB
Transfer

6734 kB
Size

41
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: https://www.huggies.com.vn/san-pham
Title: Bỉm, tã dán Huggies

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/san-pham/dong-ta-so-sinh
Title: Tả huggies sơ sinh

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/ta-cho-be-la-gi
Title: Tã cho bé

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/bim-mua-he-cho-be
Title: Bỉm mùa hè cho bé

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/ta-dan-cho-tre-sinh-non
Title: Tã dán cho trẻ sinh non

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/tre-may-thang-mac-duoc-bim-quan
Title: Trẻ mấy tháng mặc được bỉm quần

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/bim-danh-cho-be-trai
Title: Bỉm dành cho bé trai

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/bim-cho-tre-so-sinh-duoi-1-thang-tuoi
Title: Bỉm cho trẻ sơ sinh dưới 1 tháng tuổi

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/so-loi-hai-giua-ta-giay-so-sinh-va-mieng-lot-so-sinh
Title: Miếng lót em bé

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-tre-so-sinh/nhung-dieu-me-can-biet-khi-chon-ta-vai-cho-be
Title: Tã vải cho bé

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/home
Title: Mỹ phẩm Kiehl's

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/
Title: Mua mỹ phẩm Kiehl's chính hãng với giá ưu đãi

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/tinh-chat-giup-da-tai-tao-cang-muot-sang-khoe-retinol-micro-dose/WW0154KIE.html
Title: Mua mỹ phẩm Kiehl's chính hãng: Retinol Micro-dose

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/view-all-skincare/
Title: Sản phẩm chăm sóc da chính hãng từ Kiehl's

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/serum-mo-tham-mun-dong-deu-mau-da-kiehl-s-clearly-corrective-dark-spot-solution/842.html
Title: Mua mỹ phẩm Kiehl's chính hãng với giá ưu đãi: Dark Spot Solution Serum

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/nuoc-can-bang-hoa-cuc-calendula-herbal-extract-alcohol-free-toner/254.html
Title: Sản phẩm chăm sóc da chính hãng từ Kiehl's: Nước cân bằng hoa cúc

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/mat-na-nghe-viet-quat-tumeric-cranberry-seed-energizing-radiance-masque/WW0026KIE.html
Title: Sản phẩm chăm sóc da chính hãng từ Kiehl's: Mặt nạ nghệ Việt Quất

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/face-cleansers-scrubs/
Title: Các sản phẩm rửa mặt và làm sạch da mặt chính hãng từ Kiehl's

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/face-moisturizers/
Title: Các sản phẩm dưỡng ẩm chính hãng từ Kiehl's

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/kem-duong-giup-ho-tro-ngan-ngua-cac-dau-hieu-lao-hoa-da-toan-dien-super-multi-corrective-cream/495.html
Title: Mua mỹ phẩm Kiehl's chính hãng với giá ưu đãi: Kem dưỡng chống lão hóa uper Multi-Corrective Cream

Search URL Search Domain Scan URL

URL: https://www.kiehls.com.vn/vi_VN/skincare-advice/skincare-categories/discover-our-best-facial-cleanser-for-your-skin-type.html
Title: Khám phá sữa rửa mặt phù hợp cho từng loại da từ Kiehl's

Search URL Search Domain Scan URL

URL: https://reviewdep247.blogspot.com/search/label/Eucerin
Title: Chăm sóc da

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-do-tren-da
Title: Mụn đỏ trên da

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-dau-den-o-mui
Title: Mụn đầu đen ở mũi

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/nan-mun-xong-nen-lam-gi
Title: Nặn mụn xong nên làm gì

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-boc
Title: Cách trị mụn bọc

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-boc-o-mui
Title: Mụn bọc ở mũi

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-boc-o-cam
Title: Mụn bọc ở cằm

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-mu
Title: Cách trị mụn mủ

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cach-tri-seo-ro
Title: Cách trị sẹo rỗ

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-an-duoi-da
Title: Cách trị mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-dau-trang
Title: Cách trị mụn đầu trắng

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cac-buoc-skincare-cho-da-mun
Title: Các bước chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/tinh-chat-trang-da
Title: Tinh chất trắng da

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-cham-soc-da-mun
Title: Cách chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cham-soc-da-dau-mun
Title: Chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/serum-tri-nam-tan-nhang-tot-nhat-hien-nay
Title: Serum trị nám tàn nhang tốt nhất hiện nay

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/cach-tri-nam-tot-nhat-hien-nay
Title: Cách trị nám tốt nhất hiện nay

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/nguyen-nhan-gay-nam-da
Title: Nguyên nhân gây nám da

Search URL Search Domain Scan URL

URL: https://reviewdep247.blogspot.com/2022/05/quy-trinh-cac-buoc-skincare-cho-da-dau.html
Title: EUCERIN

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/
Title: VITAClinic

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cac-loai-mun
Title: Các loại mụn

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/chia-se-kinh-nghiem-lam-hong-vung-kin
Title: Làm hồng cô bé

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/detox-la-gi
Title: Detox là gì

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/6-phuong-phap-giam-beo-mat-than-toc-trong-5-ngay-ma-ban-khong-the-bo-lo
Title: Cách giảm mỡ mặt

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cach-tri-tham-mat
Title: Cách trị thâm mắt

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tai-tao-da
Title: Tái tạo da

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/bha-la-gi
Title: BHA là gì

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/nhung-benh-khong-nen-uong-collagen
Title: Những bệnh không nên uống collagen

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tham-my-vien-tphcm
Title: Các thẩm mỹ viện uy tín tại TPHCM

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/spa-cham-soc-da-mat-cho-nam
Title: Spa chăm sóc da mặt cho nam

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tri-nam-o-dau-tot-tphcm
Title: Trị nám ở đâu tốt TP.HCM

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/mot-qua-tao-chua-bao-nhieu-calo
Title: Một quả táo chứa bao nhiêu calo

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be
Title: Chăm sóc bé

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/ten-duoc-yeu-thich/dat-ten-con-trai-sinh-nam-2024
Title: Tên con trai 2024

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-suc-khoe-cho-be/cham-soc-lan-da-be/chung-ham-ta
Title: Hăm tã ở trẻ sơ sinh

Search URL Search Domain Scan URL

URL: https://chamsocmevabekhoemanh.blogspot.com/2022/06/bang-chieu-cao-can-nang-cua-con-trai.html
Title: Bảng chiều cao cân nặng của bé trai

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/tam-ca-nguyet-dau-tien/du-doan-gioi-tinh-cua-be/du-doan-gioi-tinh-thai-nhi-qua-dau-hieu-om-nghen
Title: Dự đoán giới tính thai nhi

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-suc-khoe-cho-be/cac-tuan-khung-hoang-cua-be-hay-wonder-week-cua-tre-me-da-biet
Title: Tuần khủng hoảng Wonder Week

Search URL Search Domain Scan URL

URL: https://bomevabe123.blogspot.com/2022/05/dau-hieu-sap-sinh-ma-bo-me-can-luu-y.html
Title: Dấu hiệu sắp sinh

Search URL Search Domain Scan URL

URL: https://bomevabe123.blogspot.com/2022/05/tre-so-sinh.html
Title: Cách chăm sóc trẻ sơ sinh

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/thuc-pham-va-thuc-an-cho-be/thuc-don-an-dam-cho-tre-6-thang-tuoi
Title: Thực đơn ăn dặm cho bé 6 tháng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/thuc-pham-va-thuc-an-cho-be/thuc-don-an-dam-cho-be-5-thang-tuoi
Title: Thực đơn ăn dặm cho bé 5 tháng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cac-su-kien-quan-trong-cua-be/su-phat-trien-cua-be/tre-may-thang-moc-rang-dau-hieu-tre-moc-rang
Title: Trẻ mấy tháng mọc răng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/thai-nhi-theo-tuan/bang-can-nang-thai-nhi-theo-tuan
Title: Bảng cân nặng thai nhi theo tuần

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/cham-soc-trong-thai-ky/dau-hieu-thai-nhi-khoe-manh-3-thang-cuoi
Title: Dấu hiệu thai nhi khỏe mạnh 3 tháng cuối

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/ten-duoc-yeu-thich/ten-be-gai
Title: 3000 Tên con gái hay

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/ten-duoc-yeu-thich/ten-be-trai
Title: 3000 Tên con trai hay

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/cham-soc-trong-thai-ky/quan-he-tinh-duc-khi-mang-thai/mang-thai-3-thang-dau-co-duoc-quan-he-khong
Title: Bầu 3 tháng đầu quan hệ được không

Search URL Search Domain Scan URL

URL: http://vitaclinic.vn/
Title: Website: http://vitaclinic.vn/

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=237%20Kh%C3%A1nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%205,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 237 Khánh Hội, Phường 5, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=49%20Nguy%E1%BB%85n%20H%E1%BB%AFu%20H%C3%A0o,%20Ph%C6%B0%E1%BB%9Dng%209,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 49 Nguyễn Hữu Hào, Phường 9, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=740,%20%C4%90o%C3%A0n%20V%C4%83n%20B%C6%A1,%20Ph%C6%B0%E1%BB%9Dng%2016,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20Ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 740, Đoàn Văn Bơ, Phường 16, Quận 4, Thành Phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=S%E1%BB%91%20008%20Chung%20C%C6%B0%20T%C3%A2n%20V%C4%A9nh,%20S%E1%BB%91%2010C,%20Ph%C6%B0%E1%BB%9Dng%206,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: Số 008 Chung Cư Tân Vĩnh, Số 10C, Phường 6, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=188A%20X%C3%B3m%20Chi%E1%BA%BFu,%20Ph%C6%B0%E1%BB%9Dng%2014,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 188A Xóm Chiếu, Phường 14, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=62%20%C4%90.%20V%C4%A9nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%204,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 62 Đ. Vĩnh Hội, Phường 4, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=276%20Kh%C3%A1nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%205,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 276 Khánh Hội, Phường 5, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=10%20V%C4%A9nh%20Kh%C3%A1nh,%20Ph%C6%B0%E1%BB%9Dng%2010,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 10 Vĩnh Khánh, Phường 10, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=101%20T%C3%A2n%20V%C4%A9nh,%20Ph%C6%B0%E1%BB%9Dng%206,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 101 Tân Vĩnh, Phường 6, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=134/131%20%C4%90o%C3%A0n%20V%C4%83n%20B%C6%A1,%20Ph%C6%B0%E1%BB%9Dng%209,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 134/131 Đoàn Văn Bơ, Phường 9, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://healthcare247.asia/ HTTP 301
http://vncare.net/ HTTP 301
https://vncare.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8evcCKs2SfQOG3zzYdzl50U9-HQ01prAUwx01WSov8hPxnoc9LD0bKE2XzLt6e52f28ntTK3FNKhHh3t6P2LtiVU-FLoEo5jsn0Rt6kvCgsugLfrC_Y HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8evcCKs2SfQOG3zzYdzl50U9-HQ01prAUwx01WSov8hPxnoc9LD0bKE2XzLt6e52f28ntTK3FNKhHh3t6P2LtiVU-FLoEo5jsn0Rt6kvCgsugLfrC_Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8evcCKs2SfQOG3zzYdzl50U9-HQ01prAUwx01WSov8hPxnoc9LD0bKE2XzLt6e52f28ntTK3FNKhHh3t6P2LtiVU-FLoEo5jsn0Rt6kvCgsugLfrC_Y

Request Chain 125

https://um.simpli.fi/gp_match?google_gid=CAESEL_Bq7JYJe-zpmhp8d5oFB8&google_cver=1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR7OCqBUx8vuJ9AAAjJBtAECUxtDyS1-xh6o4dd1HBW3DhIHCeEHa2nysypFcK01XWcqxvGngo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=688266DB2C924C7A826781E16A60F1A1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR7OCqBUx8vuJ9AAAjJBtAECUxtDyS1-xh6o4dd1HBW3DhIHCeEHa2nysypFcK01XWcqxvGngo

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuBn45fSFBN_Jok9WqMJa0&google_cver=1&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5U5jXjlKC_6mTookNMKoE0rds3_LppSRSv6C9gIS_o77NHqgDpWJFFjvWf-7lzMp4uJQ0_kWCshoZdrD9d3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdTOUgxSzAtMjMtSTJHUg==&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5U5jXjlKC_6mTookNMKoE0rds3_LppSRSv6C9gIS_o77NHqgDpWJFFjvWf-7lzMp4uJQ0_kWCshoZdrD9d3A

Request Chain 128

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENHDQXtS9Tp45N1AdRxPdxw&google_cver=1&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gWTURXAdgwFv-i9MH8bpgyt-wv25M23e4dZH6C2NziPjoFhCEel6kDfKiNeOlKnojJpELUeFMINLQvkS0sLZgU9KkeQ-q_ii HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gWTURXAdgwFv-i9MH8bpgyt-wv25M23e4dZH6C2NziPjoFhCEel6kDfKiNeOlKnojJpELUeFMINLQvkS0sLZgU9KkeQ-q_ii&google_hm=6-f1ULb2RvSQwU-amwvDWKM

Request Chain 129

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECI4n9mLBWpYsuaRJ-saVbo&google_cver=1&google_push=Aer7DvInLlD97hQ4djoeHxxaj_gXZ2jfDmzfhcl0IjfSIOKBOiFd2d2IbFQIRwDP8gN29qH63ukVtGqd2OlboSIsJIb9RY0BhJKjLsFsZ2Htl0X0qxjQhe-2y7eQymwULLtjgnwCfPS8K4u3UcaPZ6IIU8wTnS8f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvInLlD97hQ4djoeHxxaj_gXZ2jfDmzfhcl0IjfSIOKBOiFd2d2IbFQIRwDP8gN29qH63ukVtGqd2OlboSIsJIb9RY0BhJKjLsFsZ2Htl0X0qxjQhe-2y7eQymwULLtjgnwCfPS8K4u3UcaPZ6IIU8wTnS8f HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 150

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvJ4554zyy20doRtzfQFYSGI3HAUSR71i5dTrzY2SMMpYCCuwFs_Czl0dmr4H_9SC3nbwIstdqJkinlURllsIJdsIk1p7-SD7Emx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvJ4554zyy20doRtzfQFYSGI3HAUSR71i5dTrzY2SMMpYCCuwFs_Czl0dmr4H_9SC3nbwIstdqJkinlURllsIJdsIk1p7-SD7Emx

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEjCbsiQXvGpPVao3mLzZnQ&google_cver=1&google_push=Aer7DvJxeKGIG4Qm9PXJ2X5HiF0ZHV2EkWiV3O-yxxRHzECrfQF_bIaicoAiIuFhELQ4YMkCr7y7Yo9O7I8m2L4S5R-vR1Vtn1NpXdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEjCbsiQXvGpPVao3mLzZnQ&google_push=Aer7DvJxeKGIG4Qm9PXJ2X5HiF0ZHV2EkWiV3O-yxxRHzECrfQF_bIaicoAiIuFhELQ4YMkCr7y7Yo9O7I8m2L4S5R-vR1Vtn1NpXdM

Request Chain 152

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMhGI5U2rhbzTnXb0not2gU&google_cver=1&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMhGI5U2rhbzTnXb0not2gU&google_cver=1&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3c81c103-c6a9-4112-8862-dca9d2d15d03&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU&google_hm=TckdZGCjQLqZv1EhFrK2Aw==

Request Chain 153

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKn7niXG04vSuzD0FWG0C8Q&google_cver=1&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvfbpI2uXwGk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvfbpI2uXwGk&google_hm=eS1GUVBPRF94RTJwRlIyX2Z3VDVYc3c5SFFSbXRVeWRKcX5B

Request Chain 167

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&RedC=c.clarity.ms&MXFR=3A45AACD1D5369E3366FB836195367E4 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&MUID=12A37B14E0A56A7717DE69EFE1A56B4C

173 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
vncare.net/
Redirect Chain

https://healthcare247.asia/
http://vncare.net/
https://vncare.net/

239 KB
20 KB

2575ms
2114ms

Document
text/html

103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx / PHP/8.0.8RC1
Resource Hash: ec043b3f5806877efdd0eab74639a8b8ab1b6305e6b766c5af5c4594ee1b6f2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Apr 2023 17:35:22 GMT
Keep-Alive: timeout=60
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 22 Apr 2023 17:35:21 GMT
Keep-Alive: timeout=60
Location: https://vncare.net/
Server: nginx

GET
H/1.1 200
OK bootstrap.min.css
vncare.net/assets/css/ 152 KB
23 KB 281ms
280ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/bootstrap.min.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-2606e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-health.css
vncare.net/assets/css/ 69 KB
13 KB 553ms
251ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/fontawesome-health.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1151e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.flexdatalist.min.css
vncare.net/assets/css/ 2 KB
1 KB 691ms
230ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/jquery.flexdatalist.min.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 588a98c5d700038bc5528578f20210806bd6cd2120193f14241c58badbfe7e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-74d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.css
vncare.net/assets/css/ 269 KB
35 KB 990ms
517ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/main.css?ver=1.5.3
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: ff6b89f29d4ba3d9f62a868f6735294942e07d9730ba38fd2ba70f77b3d58fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 04:18:54 GMT
Server: nginx
ETag: W/"61022c2e-4337d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a95e4bb8452e8157ee3609e229a0f225c077f1e37da486372a10571af47e2544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 16:34:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:24 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 33ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 426446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10491
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9dZsJd5i0%2FKxJrm1U%2F4v3IXNcQoFBiBq368GdOfUwIkqtVRPvYs6zysoP4f0TEhxBh8%2FNCYp3Vmy2xSLyK3k4Ddv9bIDUOU2vOqZYrADxdtZjYTWe7M7VI2FDoBv4SJ8uvP3JiCitj%2FmlWR%2BaFckUYf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bbf9f81f8d8382c-FRA
expires: Thu, 11 Apr 2024 17:35:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
47 KB 81ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3c244d4e5a3dc2d17ce90f42a081749584de0ff8ac77bab2b67b1a2730e4c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47580
x-xss-protection: 0
server: cafe
etag: 10081595538536453131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
60 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155281519-2

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ada1d35cdc4afdc786e57989643d4d37db34ed53c605e6d3b131bd122a2421bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61803
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H/1.1 200
OK logo.jpg
vncare.net/assets/images/ 61 KB
62 KB 691ms
449ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/assets/images/logo.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7611c948d6e3081c934a24046221a11dc812a5394405eb0680f8f7e75f174670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Last-Modified: Mon, 19 Jul 2021 06:31:14 GMT
Server: nginx
ETag: "60f51c32-f571"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 62833
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
vncare.net/assets/js/ 85 KB
30 KB 474ms
474ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
vncare.net/assets/js/ 11 KB
4 KB 236ms
236ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery-migrate.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-2c9d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.bundle.js Show response
vncare.net/assets/js/ 218 KB
47 KB 360ms
359ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/bootstrap.bundle.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-366bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.flexdatalist.min.js Show response
vncare.net/assets/js/ 23 KB
8 KB 242ms
240ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery.flexdatalist.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: e6c5d9c776a3337cab158f0cc40633c067389097c0b70e97037f87e8f6bcb3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-5ca8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
vncare.net/assets/js/ 7 KB
2 KB 241ms
239ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/main.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: c65682c02e2f09d4b9b564cc342181a511e87b9112e50136c4037be2d0ac81a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1af8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRTTQPL

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49c0e0ad53bd05cba0fe5e73cd1a5e3ff24265875d2e562001de80a45785cb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47899
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 26ms
16ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7499245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjI2UGWqttm4QTjZLgVAf1byUIf%2BMHFRScDWvFqHtTgjNqWR9kLM82gelWOIjH%2Fls1e%2BxPlZkjofHiqigqmyTgGJ7%2BHfB4u%2FxseAF2rQwWT7B%2BD2Iv3EDz8Wj%2B1ZURv%2BZwC%2B7ASE960GfxgVOX3ce9oZ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bbf9f8a7cd99a2d-FRA
expires: Thu, 11 Apr 2024 17:35:25 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 37ms
36ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 772863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13548
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFh41VfIFtZk0gTHcd3Sbb8q1W%2FpIMe%2BHrHsnsS7CVamw5ZtvSfWATbh9dbUaORcY3ke2bOfan9ejN3njSPGMdPBA%2B71RsEKvYhzSe6z5nUTr%2B%2B6Pd5oTExt1xdvQkXV8v0zFAhliCWRWvlmeWBhgPeN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bbf9f8a7cdc9a2d-FRA
expires: Thu, 11 Apr 2024 17:35:25 GMT

GET
H2 200 logo_mobi.png
thammyviengangwhoo.vn/wp-content/uploads/2018/12/ 13 KB
13 KB 2170ms
212ms Image
image/png 103.138.88.36
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thammyviengangwhoo.vn/wp-content/uploads/2018/12/logo_mobi.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.88.36 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed / PleskLin
Resource Hash: 0acd000b7821ba7535d7d3100e28d42e005dde81f5240da18ba0164444d75dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:13 GMT
last-modified: Wed, 27 Oct 2021 04:07:38 GMT
server: LiteSpeed
etag: "33f5-6178d08a-7eee3b208f694cb6;;;"
x-powered-by: PleskLin
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13301
expires: Sat, 29 Apr 2023 17:35:13 GMT

GET
H2 200 logo-xme-khong-nen.png
xmebeauty.com/wp-content/uploads/2022/07/ 29 KB
29 KB 1965ms
434ms Image
image/webp 103.138.88.65
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xmebeauty.com/wp-content/uploads/2022/07/logo-xme-khong-nen.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.138.88.65 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 129e8fc930f2868133ba648df1b39a8ec00c55f0f20214aade81a544d94df1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:12 GMT
last-modified: Sat, 13 Aug 2022 08:40:20 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29726
expires: Sun, 21 Apr 2024 17:35:12 GMT

GET
H2 200 logo.png
theme.hstatic.net/200000531009/1000882964/14/ 10 KB
11 KB 230ms
201ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000531009/1000882964/14/logo.png?v=820
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ff863713a2af74627cc821ca8d650eeaff248d4bd9594a59ced297f074c58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJIV0FHR6H3:00000235
cf-polished: origFmt=png, origSize=25842
x-envoy-upstream-service-time: 25
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10672
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 Jul 2022 15:16:11 GMT
server: cloudflare
etag: "5831232486c4d636894cc180ad0e7a22"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7bbf9f8acca89a00-FRA
expires: Thu, 11 Aug 2022 03:36:55 GMT

GET
H2 200 LOGO-3D-PNG-01.png
angelbeauty.com.vn/wp-content/uploads/2022/06/ 824 KB
824 KB 1360ms
194ms Image
image/png 103.77.162.8
SUPERDATA-AS-VN S...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelbeauty.com.vn/wp-content/uploads/2022/06/LOGO-3D-PNG-01.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.77.162.8 , Viet Nam, ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN),
Reverse DNS: alia.thonetvander.vn
Software: LiteSpeed /
Resource Hash: 6d58df06c903006249c8598d9604d36dd77edded7da7fa4f429d699bf367b9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
last-modified: Fri, 24 Jun 2022 10:31:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 843325
expires: Sat, 29 Apr 2023 17:35:27 GMT

GET
H/1.1 200
OK kem-chong-nang-pho-rong-la-gi.jpg
vncare.net/tin-tuc/wp-content/uploads/2023/03/ 96 KB
96 KB 1379ms
957ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2023/03/kem-chong-nang-pho-rong-la-gi.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 6a5b5c119e29baff98f1cce6f2b309113093c38245dc23665417663cfdd94f78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:26 GMT
Last-Modified: Thu, 09 Mar 2023 08:56:36 GMT
Server: nginx
ETag: "64099f44-18059"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 98393
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Nie%CC%82%CC%80ng-ra%CC%86ng-gia%CC%81-bao-nhie%CC%82u-tie%CC%82%CC%80n-4.jpeg
vncare.net/tin-tuc/wp-content/uploads/2022/10/ 46 KB
46 KB 953ms
661ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2022/10/Nie%CC%82%CC%80ng-ra%CC%86ng-gia%CC%81-bao-nhie%CC%82u-tie%CC%82%CC%80n-4.jpeg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7cc56d258c6f121c54e07c3e797d1c41da07418e8a2fc69336d18ff6bf52a8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:26 GMT
Last-Modified: Sun, 02 Oct 2022 07:03:59 GMT
Server: nginx
ETag: "633937df-b7c4"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 47044
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1.jpg
vncare.net/tin-tuc/wp-content/uploads/2020/02/ 25 KB
25 KB 304ms
304ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2020/02/1.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: afec36c7fafe144cf9764838c9a4b904620574aa3ff0e916463cbc9a48d02d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:26 GMT
Last-Modified: Mon, 03 Feb 2020 04:32:59 GMT
Server: nginx
ETag: "5e37a27b-6388"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 25480
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
vncare.net/assets/webfonts/ 74 KB
75 KB 315ms
273ms Font
font/woff2 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/webfonts/fa-solid-900.woff2
Requested by: Host: vncare.net
URL: https://vncare.net/assets/css/fontawesome-health.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://vncare.net/assets/css/fontawesome-health.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: "60f4dd10-12934"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 76084

GET
H/1.1 200
OK fa-regular-400.woff2
vncare.net/assets/webfonts/ 13 KB
14 KB 1277ms
1114ms Font
font/woff2 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/webfonts/fa-regular-400.woff2
Requested by: Host: vncare.net
URL: https://vncare.net/assets/css/fontawesome-health.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer: https://vncare.net/assets/css/fontawesome-health.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 17:35:25 GMT
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: "60f4dd10-3508"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 13576

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRTTQPL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Apr 2023 16:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4060
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 22 Apr 2023 18:27:45 GMT

GET
H2 200 app.js Show response
widget.subiz.net/sbz/ 456 B
740 B 49ms
18ms Script
text/javascript 2606:4700:20::681a:d2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.subiz.net/sbz/app.js?accid=acrbglqzghjwguvnwdvo
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0717179a9c7a303584f25656079afd2ccf6fec9b94a30845b1382af5555bc9a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 16:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmEs5MYgaFVd9t%2BLXVw%2FPbKeUEqzefjIN5Lvxka6qdn5SEl5i5dsIlSEa9xEvuTP0J56ZmGKWQU7Lc%2BiBeEQE88oAwrKiAg7tn%2BjU1xknAn7rn8N1MsZ6gtAEE2NyOlUBLsTrhoqhamADOVzyG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 7bbf9f8b1e779130-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 89ujuxmj9s Show response
www.clarity.ms/tag/ 1 KB
1 KB 173ms
105ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/89ujuxmj9s?ref=gtm2
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cb8dba1403dc61aa8a33dedc4ba6471a9363d0736aaad60f0ae4ac4ee4bfc804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date: Sat, 22 Apr 2023 17:35:26 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 20230422T173525Z-nff5sxeput0rbbtu0xp5d202sg000000012g00000000cwbm
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
60 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155281519-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRTTQPL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c10b7eeb5bdb3dd50c4ff41c7b17f6591fefe8ccd7667c382514087ea2f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61818
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JCL28JS8H1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155281519-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

255be54e5a172e958e8a7ec5dc5d5d6192bc95909a40afab98ffd262085d4586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 354 KB
119 KB 94ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5581868270899806&plah=vncare.net&bust=31074065

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36f0f1bf903392d3f511881721f5114f07bbaea2b302413b1f7fd375efd14e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121765
x-xss-protection: 0
server: cafe
etag: 9792886235269171924
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 80BD 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:08:38 GMT
etag: 2378337311435320485
expires: Sat, 06 May 2023 14:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
218 B 15ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1850398669&t=pageview&_s=1&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1017803413&gjid=757226239&cid=484116870.1682184926&tid=UA-155281519-1&_gid=340375461.1682184926&_r=1&_slc=1&gtm=45He34j0n81MRTTQPL&z=1130806163

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

14aab5a17344d0b1d6bd1884ff5bf4401dd2b8312439394f26a78b7032c4cd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 13ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1850398669&t=pageview&_s=1&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1743430891&gjid=1836491930&cid=484116870.1682184926&tid=UA-155281519-2&_gid=340375461.1682184926&_r=1&gtm=457e34j0&jsscut=1&z=1441355550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JCL28JS8H1&gtm=45je34j0&_p=1850398669&cid=484116870.1682184926&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1682184925&sct=1&seg=0&dl=https%3A%2F%2Fvncare.net%2F&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JCL28JS8H1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-155281519-1&cid=484116870.1682184926&jid=1017803413&gjid=757226239&_gid=340375461.1682184926&_u=YEBAAEAAAAAAACAAI~&z=1431480457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Apr 2023 17:35:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFY07YGB54&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c2608934fb8672013209b4a3cb8c6f1243aabadce24285521edc681375b2e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Apr 2023 17:35:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EFY07YGB54&gtm=45je34j0&_p=1850398669&_gaz=1&cid=484116870.1682184926&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&_s=1&sid=1682184926&sct=1&seg=0&dl=https%3A%2F%2Fvncare.net%2F&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFY07YGB54&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EFY07YGB54&cid=484116870.1682184926&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFY07YGB54&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EFY07YGB54&cid=484116870.1682184926&gtm=45je34j0&aip=1&z=734433731

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 51ms
31ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-155281519-1&cid=484116870.1682184926&jid=1017803413&_u=YEBAAEAAAAAAACAAI~&z=1192596350

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 48ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-155281519-1&cid=484116870.1682184926&jid=1017803413&_u=YEBAAEAAAAAAACAAI~&z=1192596350

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
23 KB 21ms
21ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/89ujuxmj9s?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2023 01:54:00 GMT
etag: W/"0x8DB420B4734B1A6"
vary: Accept-Encoding
x-azure-ref: 20230422T173526Z-nff5sxeput0rbbtu0xp5d202sg000000012g00000000cwbv
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 559c3514-701e-0063-61b2-74b320000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 65ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vncare.net&callback=_gfp_s_&client=ca-pub-5581868270899806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5581868270899806&plah=vncare.net&bust=31074065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dda21faf5b861794316b16e7c8ff2ab3f7f84c685befd153e0c67d1f259b9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 58ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 52ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84FA 299 KB
70 KB 739ms
738ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&adk=1812271804&adf=3025194257&lmt=1682184926&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fvncare.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925931&bpp=8&bdt=1492&idt=223&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8730483438130&frm=20&pv=2&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be80913591c17f790159d4359575ae734126a3f10c646a12e496fa85dc412faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71113
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:26 GMT
expires: Sat, 22 Apr 2023 17:35:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D98 23 KB
10 KB 642ms
641ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=4005066663&adf=1406287981&pi=t.aa~a.2766582420~rp.4&w=611&fwrn=4&fwrnh=100&lmt=1682184926&rafmt=1&to=qs&pwprc=7526812580&format=611x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925939&bpp=2&bdt=1500&idt=250&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=774&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PQF4HF3OeQ&p=https%3A//vncare.net&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86dc9c044d51fdbd457ecb9d325fffb7659c517a3736677ef2cecdc99993181c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:26 GMT
expires: Sat, 22 Apr 2023 17:35:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 360ms
97ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 22 Apr 2023 17:35:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 485ms
294ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 22 Apr 2023 17:35:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 18754d60df1.app.js Show response
vcdn.subiz-cdn.com/widget-v4/public/ 106 KB
35 KB 1866ms
165ms Script
application/javascript 118.69.83.90
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://vcdn.subiz-cdn.com/widget-v4/public/18754d60df1.app.js

Requested by

Host: widget.subiz.net
URL: https://widget.subiz.net/sbz/app.js?accid=acrbglqzghjwguvnwdvo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

118.69.83.90 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

Resource Hash

e19c3dee6442b5ec54cf729160788bc97767ee0a269e815b2fd4ac19308f9221

Security Headers

Name	Value
Strict-Transport-Security	max-age=946080000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
via: 1.1 google
content-encoding: gzip
x-content-type-options: nosniff
x-https-rewrite: false
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-guploader-uploadid: ADPycdv0LmejUt7ZqU1_9rkjLCR6YQ881TA3hCSG9oYqA2oO6za13kPcYgjXw0vLObzh790muBjy21RW8M_QgZrvxvQRiw
x-html-optimize: true
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-cache-version: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 06 Apr 2023 04:32:25 GMT
x-js-min: true
x-goog-generation: 1680755545172231
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=ZO11gw==, md5=LNG2Sk3VT2EwWsl4WLeXdQ==
access-control-expose-headers: Content-Type
cache-control: max-age=946080000
content-type: application/javascript
x-goog-stored-content-length: 34501
x-request-time: 0.000
x-css-min: true
expires: Sun, 21 Apr 2024 04:32:38 GMT

GET totalDonate
payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/ 0
0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1850398669&t=event&ni=1&_s=2&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=ftxt6o&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=484116870.1682184926&tid=UA-155281519-1&_gid=340375461.1682184926&gtm=45He34j0n81MRTTQPL&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F89ujuxmj9s%2Far8pu8%2Fftxt6o&z=368524821

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:28:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2D98 3 KB
1 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=4005066663&adf=1406287981&pi=t.aa~a.2766582420~rp.4&w=611&fwrn=4&fwrnh=100&lmt=1682184926&rafmt=1&to=qs&pwprc=7526812580&format=611x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925939&bpp=2&bdt=1500&idt=250&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=774&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PQF4HF3OeQ&p=https%3A//vncare.net&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 14:55:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2D98 19 KB
8 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D98 159 KB
49 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D98 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG3gi3hpEZLzXEc2fkgPp7L2YCMme0rFczaOW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTU4MTg2ODI3MDg5OTgwNsgBCakCb2R0VzBusj6oAwGqBLYBT9BEfRcdRWi22EV2237hruPpiNEBPAGMxre0ZrU-LPugV6H6Q0l53zdN0I4qYdnQZeyUJNT-pmy0GHAOHfshUSL8ZPRe43FiAL-DbFpDV1IcKy49MgxRyTk1kPzNZDCEhuktPoBNnQzI610ykS1r0mz1ZMLJKzaB6T4jFHbF9CXasgGHZw0X1JfbUROOLE8JSpADr9i-yKmxMiEr5OW5MoEwS7sBwNAEEuNE_VwUkXrNGwCxbDWABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=k4gaUBZBUL4&uach_m=[UACH]&cid=CAQSGwBygQiDbVyDypEjmyksi_5sn29-0dTlhOyXsxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=4005066663&adf=1406287981&pi=t.aa~a.2766582420~rp.4&w=611&fwrn=4&fwrnh=100&lmt=1682184926&rafmt=1&to=qs&pwprc=7526812580&format=611x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925939&bpp=2&bdt=1500&idt=250&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=774&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PQF4HF3OeQ&p=https%3A//vncare.net&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 17:35:26 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2D98 0
0 85ms
58ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6ROMEmAKdg2ICAgAAAK4X9fqKxXebEN0aRGT2zCx2uFU3DJGfAAASAAAKCkFRVUJBUUVCQVE&wp=ZEQa3gAEa7wKZI_NAA92afgjRwN5oNJRVd4-fQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 125214
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5D12 136 KB
46 KB 86ms
57ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEQa3gAEa7wKZI_NAA92afgjRwN5oNJRVd4-fQ&u=%7CRfdDaCXg9%2FKPdkzn8uOhZ4JhQIXfGh1Oea2MUn2Qgro%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANQlcZipce-sX-bSNEBZGrk8wNAiI2feBvD_jRN-vBihZcAGksnJDfvmqvBonnuuhwkPgm8LVhJ-TWWN9IGiudcVpFD8siw0Yi7ydlnM2pCJK-pQb0lG7KwugzzAA11v6DUo4EgP2W3z_-sGoVdWb3wvO9AoUqb7Ue1ch3cu5lXuGE5KVoymwxUjE9YBi-3PDvnKQqeuLVzVvybmoW-jaCdNQYx522TTDLSKIz0pNde55Cn6yWz1ncWgBfdhHWOQFpx26cc3KB7QylnZD2Qss_tJOw0odPftpnkKX4Rrgx24XC_QokRqTQBMoB7fbeo2UrpqxbISSWUOfGSJhlmeRhB7SrhPQ2mNn3D_G2iHr7wqHkTybvtWhAvSsq8yHbYOo0yGiDcSpg51FhAOwamI3TwiNU_dpNlhWsezEVsaaA3yKNB9y5beFlRMfztLztMsSPFliOOSO_TM_65cTehnTtb8VLvoTiv5AbhRaEwD2gtBrTRSL76AYnlW1eSUtX7nhI3l5msliI6E7cre2xPEKb-nhCO7jigs6Qn9bQep9BCcY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGlfb3hpEZLzXEc2fkgPp7L2YCMme0rFczaOW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTU4MTg2ODI3MDg5OTgwNsgBCakCb2R0VzBusj6oAwGqBLkBT9BEfRcdRWi22EV2237hruPpiNEBPAGMxre0ZrU-LPugV6H6Q0l53zdN0I4qYdnQZeyUJNT-pmy0GHAOHfshUSL8ZPRe43FiAL-DbFpDV1IcKy49MgxRyTk1kPzNZDCEhuktPoBNnQzI610ykS1r0mz1ZMLJKzaB6T4jFHbF9CXasgGHZw0X1JfbUROOLE8JCJIiPV8xVLoOrjWINNgfyogkQQ0L7siGpit5W66rj1bVnqo1f4plhliABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XGoEiGY2CJLQbZ1pPkRndLL_e3Q%26client%3Dca-pub-5581868270899806%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65d4c946d8331caf91ac63a04d2c5a1900abfbc3f1b81563333edecd1eb24ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pqKaSa3jYWZq_ONwww1AygbHQEd9Ck98bTLs4J9T7lxDMagOk2QhrkVKsq1QDtmP_5X3FEYTj0X2DQ8kyM1vDHuy4ZCU5VT018VVbDkNhFG_DWQMYNws90rUHwI9LKx8TTlndP7NR4UG6ic_Q5Zt-Pvsxq_FZwlU6CZlQLbEyIRLCPsCDXBqnXMyPGLd-s6bwFIA_LVA-ZMVyC0SbzDnZvTOUoHEaCDavFij90HMMHxGVcAj79t1y2lOvuKN-crEdEhPhw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 38445606
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2D98 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bee4ef2f7ff3d78596a839336b56d6a7740718478ed95c4fddd7099b6fd7377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D12 2 KB
1 KB 151ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEQa3gAEa7wKZI_NAA92afgjRwN5oNJRVd4-fQ&u=%7CRfdDaCXg9%2FKPdkzn8uOhZ4JhQIXfGh1Oea2MUn2Qgro%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANQlcZipce-sX-bSNEBZGrk8wNAiI2feBvD_jRN-vBihZcAGksnJDfvmqvBonnuuhwkPgm8LVhJ-TWWN9IGiudcVpFD8siw0Yi7ydlnM2pCJK-pQb0lG7KwugzzAA11v6DUo4EgP2W3z_-sGoVdWb3wvO9AoUqb7Ue1ch3cu5lXuGE5KVoymwxUjE9YBi-3PDvnKQqeuLVzVvybmoW-jaCdNQYx522TTDLSKIz0pNde55Cn6yWz1ncWgBfdhHWOQFpx26cc3KB7QylnZD2Qss_tJOw0odPftpnkKX4Rrgx24XC_QokRqTQBMoB7fbeo2UrpqxbISSWUOfGSJhlmeRhB7SrhPQ2mNn3D_G2iHr7wqHkTybvtWhAvSsq8yHbYOo0yGiDcSpg51FhAOwamI3TwiNU_dpNlhWsezEVsaaA3yKNB9y5beFlRMfztLztMsSPFliOOSO_TM_65cTehnTtb8VLvoTiv5AbhRaEwD2gtBrTRSL76AYnlW1eSUtX7nhI3l5msliI6E7cre2xPEKb-nhCO7jigs6Qn9bQep9BCcY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGlfb3hpEZLzXEc2fkgPp7L2YCMme0rFczaOW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTU4MTg2ODI3MDg5OTgwNsgBCakCb2R0VzBusj6oAwGqBLkBT9BEfRcdRWi22EV2237hruPpiNEBPAGMxre0ZrU-LPugV6H6Q0l53zdN0I4qYdnQZeyUJNT-pmy0GHAOHfshUSL8ZPRe43FiAL-DbFpDV1IcKy49MgxRyTk1kPzNZDCEhuktPoBNnQzI610ykS1r0mz1ZMLJKzaB6T4jFHbF9CXasgGHZw0X1JfbUROOLE8JCJIiPV8xVLoOrjWINNgfyogkQQ0L7siGpit5W66rj1bVnqo1f4plhliABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XGoEiGY2CJLQbZ1pPkRndLL_e3Q%26client%3Dca-pub-5581868270899806%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D12 2 KB
1 KB 150ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5D12 308 B
637 B 135ms
15ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5D12 293 B
621 B 136ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5D12 43 B
348 B 59ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Vz6jwFpK7UNOzZVT8RZfYtdX4rD4mepv2R4hJWorftCKWyPxKW5OwKrYQMLvbq6Ue5cfMhRpw0sUMSy4shYdCibgj1H5qBmbtSgiFLk-hpJ1MgFRiNfWriEa-9PF_Mjag2Bss33mZM7qeBQQMF27cq24ddlSFa7oX6nFavIzW65LiVsmUmT3t_k4Dg5lxPPq5tt7kzz3MPURb30P-UlpVgBrPtoj8x9pjKcN8J4Kkt6xLPxkd-a51S__K5QoBXALT01OkasJdnmNVnQLlVb3yDGLZm_d1XcZPCyn7RzKW5e60VgNcn2zplHSsi3HND_Qkaeq8hZCldwyNBAoi_qc5ODQnQVqyzXxq9oiepJDio88iKlJojrZELZXadXpixmMi2RosZLubRT0SgLZLdvBtu0X0njEzeaxfel57JulmMGeCZOG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1738265
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5D12 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 176828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b37lzInB3ZyT%2BIVOznUT883wRtp9mOKpdgvlraW4VHLFSLGE6ui7xsnj48wN3j7ZL6xhOc7tQu%2FV%2BK0%2F1zsGjNBYv9gudkQW%2BeYIfCB6uunwM%2BNaxrQJdIpSH6EALQWpgLSFZcUPpnHefvq7sEPxZg8I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bbf9f920c0b382c-FRA
expires: Thu, 11 Apr 2024 17:35:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5D12 12 KB
6 KB 133ms
20ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 149 KB
51 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/reactive_library_fy2021.js?bust=31074065

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a0c7bc16188cacb621407cb542dd5e0bb446da5598f48ff1b53f5ac335c1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51705
x-xss-protection: 0
server: cafe
etag: 3213304091895686315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 5D12 38 KB
38 KB 131ms
34ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 5D12 46 KB
46 KB 126ms
29ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D12 3 KB
4 KB 63ms
22ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F917351ee47c4413e8a80c13e50969936_logo_n_horizontal_4.png&v=3&w=196&s=djcIoeKLOWLrrzEynZBu7za_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c239f25cc0dd9c52307c39af6ff09742b27dc765f8e5693c1bf70b42462fa5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3486
expires: Sun, 07 Apr 2024 13:31:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D12 111 KB
111 KB 93ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F11c5ae5fb140405681edaf76ceeb00d7_img_square_1.jpg&v=3&w=1200&s=TY00qbTzscYT9I-Q46fMWiyb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d51b25919a323fc2c25976593c810742e0d961f6e07234c748358077919fa47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 113366
expires: Sun, 07 Apr 2024 13:31:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D12 22 KB
22 KB 79ms
39ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1594983169%2F20117059-0kCtbvjw.jpg&v=3&w=400&s=exwaYeXg14suYKg5IDvuzZEz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

830bde98f84de1d3b00b26c1267f5b16cd3b868e05b198336453c2967cd88542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22384
expires: Wed, 26 Apr 2023 13:10:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D12 0
128 B 62ms
22ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pqKaSa3jYWZq_ONwww1AygbHQEd9Ck98bTLs4J9T7lxDMagOk2QhrkVKsq1QDtmP_5X3FEYTj0X2DQ8kyM1vDHuy4ZCU5VT018VVbDkNhFG_DWQMYNws90rUHwI9LKx8TTlndP7NR4UG6ic_Q5Zt-Pvsxq_FZwlU6CZlQLbEyIRLCPsCDXBqnXMyPGLd-s6bwFIA_LVA-ZMVyC0SbzDnZvTOUoHEaCDavFij90HMMHxGVcAj79t1y2lOvuKN-crEdEhPhw&sds=2&rev=85950&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Apr 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D12 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5D12 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:35:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C791 99 KB
35 KB 882ms
881ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511fe7997530ec63f24f0b9d80b80b8cc8d410f6c52cc41cf3b87a70c2f4a410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC69 98 KB
36 KB 748ms
748ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1faf62e63d03c8ab634f237a3fa2256ee6baf70295d91eb73d115c5051e590bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36473
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 35D4 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 06:15:50 GMT
etag: 2378337311435320485
expires: Sat, 06 May 2023 06:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame FC4D 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 06:15:50 GMT
etag: 2378337311435320485
expires: Sat, 06 May 2023 06:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 35D4 5 KB
755 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 16:02:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 35D4 205 B
650 B 30ms
7ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:10:13 GMT
x-content-type-options: nosniff
age: 12314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 14:10:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 35D4 604 B
695 B 30ms
8ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:34:33 GMT
x-content-type-options: nosniff
age: 14454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 13:34:33 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 35D4 13 KB
6 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5669
x-xss-protection: 0
server: cafe
etag: 11655758664418369095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 17:35:27 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 35D4 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:24:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FC4D 6 KB
768 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 16:10:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC4D 2 KB
845 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC4D 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1w6Q3hpEZJqWEt2zkgOCkZWwDsmwuaVi-v2xyZ8L2tkeEAEgpafvHmC7BqAB-ITkswPIAQmpAm9kdFcwbrI-qAMByAPLBKoEyQFP0GtU3tFYQngrbbdIDF1mCU0hqos1d9w7_4H-9AxaJX6uQNfUJay3_To_Xlw79PItcaEW3EGlPMI7oTQhe4Hwam0-ijG3LPgPPqNo93Ur1fDRDxdFFylXJR0dNgXsTO72tZC9Pf9xJXF_eRMLQMkoFcsDj7htPt8C2iVFZGqdfXx7VC9Y8lNLgfYhO9Y0C2_ULW0FO0VzSqITTwY6-LU8rjwdAvUWQC3zcvx1xp55MKBjsAISvNmeG9x0TCtyB7dwXRMFH-VY_zHABP3y9e3UApIFBAgEGAGSBQQIBRgEoAYugAfw-ptMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQjvQY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=gIbNJnwYxac&uach_m=[UACH]&cid=CAQSGwBygQiDtjOoICQpNH_uP38_Dtnp_0JZH3KGmBgB&template_id=484

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame FC4D 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 15:45:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC4D 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 14:55:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC4D 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC4D 159 KB
49 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame FC4D 32 KB
14 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13160750489851016094/ Frame FC4D 43 KB
44 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13160750489851016094/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad6f4a86b46a79de4eec016386e544a346ee58ec0d28e06704f37703540b7ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:57:06 GMT
x-content-type-options: nosniff
age: 52701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44465
x-xss-protection: 0
last-modified: Mon, 27 Jan 2020 15:28:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 02:57:06 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18254627316575341789/ Frame FC4D 821 B
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18254627316575341789/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0d5f1198f0b5d6a76bb8ec1ab89a44d582ebe188c7d0328151d708885bb6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:01:58 GMT
x-content-type-options: nosniff
age: 5609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 821
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 07:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:01:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2786 9 KB
921 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 16:05:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2786 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 2786 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 15:45:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2786 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 14:55:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2786 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 06:15:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2786 159 KB
49 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 2786 32 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
DATA 200
OK truncated
/ Frame FC4D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad5fe8676b0575ec7c153706ff94e57eee1fb5b980b272fd00d1df2d65ffeefd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame B868 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 13:21:44 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C32 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 13:21:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FC69 6 KB
695 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 15:52:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC69 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame FC69 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 15:45:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC69 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 14:55:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame FC69 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 06:15:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FC69 0
0 16ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyR8OFLqFZ40OcjtBGTGXWAxWTNBr1w7RCWOvouUkmJ3N0yQABEE_ZnrnCU7FIz33bbApu0V2LYiiU9xcviZVOwsGSMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC69 159 KB
49 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:28 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame FC69 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC69 0
0 53ms
51ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjVzV3xpEZI74EYWwsgeVzpCIA8fGpYhv4--X4JQRiKe2lYsDEAEgpafvHmCV4pCCoAegAbzl-qoByAEJqAMByAPLBKoEywFP0GHFoOvB99r0wro9JJS9YgNPfnAKZPLdXAs7tkiQYuRyoJBvsRsEuvpL2Zk0PmIZUTMTr_veXH2mkN0GxsJlBBvJui6Lv4YKU2srpG_9UyVXUlDOpydVAdQ0AaryBQwfopqTpe8whFliy7Jv4ouzr4WOfDNOTUutnhKy5qxXaJJWr-bX2dRFoc7Ieg6QIEEErGckp-LLPvop93e4USoXb2N2yUmsgPPbxPSiV3QtXAoxYEbg9WdrbX1HyvV7BeIzyRx6pxt9gKYBaMAEy5unk6AEkgUECAQYAZIFBAgFGASgBi6AB6yahdUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQw70D0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=pmCQ22Af7Uc&uach_m=[UACH]&cid=CAQSPABygQiD-NACGVDwx4f6v2E57XswrE9jUARWR1olmogP3DS4MAXtHTe15-wUeDoxNQGzq3ii2TR_jMqDfRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 17:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16944020562859849746/ Frame FC69 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16944020562859849746/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05baed622a0406dd4c18b4de9e156c2d328a9789a3cfb7cc2b8a10a267696f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:08:33 GMT
x-content-type-options: nosniff
age: 5214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5386
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:50:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:08:33 GMT

GET
DATA 200
OK truncated
/ Frame FC69 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3484 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FC69 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 280bf339063cc4ccbe449c44e0e355c609760c390d8affec4bbdf8255d94777f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D98 42 B
174 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9l8-YWFciKypXIdkjJa_fM9wQcQDVvLwsrNk75w5Sw-_xjJTSnHe19tMzChaTw37zF7GFb-6XeVhfGG-h2Y4WzYE&sig=Cg0ArKJSzAWPhxDQaO9qEAE&id=lidar2&mcvt=1002&p=0,0,280,611&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4005066663&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682184926192&rpt=745&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3484 0
104 B 407ms
24ms Image
text/plain 89.207.16.204
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFFVm2SCN4H-nySf99JVyjA&google_cver=1&google_push=Aer7DvLjJPjV6VSqdYiKTdn4FhXnfJXqhpqgz5ieichfQfFp0xFpyrB2q0ZYivWxZGKHCJyjm5uMKIu7kR6--a5yvZdd9OzZJUFhHGy4-uncXZSZKwdq3PYwbo2iPfIdKh9Q9CZY4ZkuzqVRJtbDSMhnsJzqP9I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3484
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8ev...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8evcCKs2SfQOG3zzYdzl50U9-HQ01prAUwx01WSov8hPxnoc9LD0bKE2XzLt6e52f28ntTK3FNKhHh3t6P2LtiVU-FLoEo5jsn0Rt6kvCgsugLfrC_Y

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 17:35:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0bdcd692e53b93ca1@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvID4FJP6wsogwIan_5iI9yvfu5wtctTVQCZ70zk8evcCKs2SfQOG3zzYdzl50U9-HQ01prAUwx01WSov8hPxnoc9LD0bKE2XzLt6e52f28ntTK3FNKhHh3t6P2LtiVU-FLoEo5jsn0Rt6kvCgsugLfrC_Y
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3484
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEL_Bq7JYJe-zpmhp8d5oFB8&google_cver=1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR7OCqBUx8vuJ9AAA...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=688266DB2C924C7A826781E16A60F1A1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR...

170 B
232 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=688266DB2C924C7A826781E16A60F1A1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR7OCqBUx8vuJ9AAAjJBtAECUxtDyS1-xh6o4dd1HBW3DhIHCeEHa2nysypFcK01XWcqxvGngo

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Apr 2023 17:35:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=688266DB2C924C7A826781E16A60F1A1&google_push=Aer7DvJkF5Qc0aAij-WRxCstIv4UIfdpPJThwvoUC0Ug9rcB9q-IXUYw9vtiKw1Qc7oJRneIA7Zi_gwkADBZvdR7OCqBUx8vuJ9AAAjJBtAECUxtDyS1-xh6o4dd1HBW3DhIHCeEHa2nysypFcK01XWcqxvGngo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 21 Apr 2023 17:35:28 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3484 42 B
213 B 51ms
15ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAZC-1U73ZVgzPyamx_99Nw&google_push=Aer7DvJCaWW2TUoM-T0htRZQtpuB7AJotmvt95n67P2aPf7nKJj-FxsNY6YT9jyN-52XnFXrNFsREmG6bDy0yzjxpKMLozpy2wf7OJFQcNuSJorGGUO_vvhyvMHggOlhu_8sYYUbBBrAlLwgeJXSCXL1oQWMNQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=250&adk=2718361518&adf=3639514867&pi=t.aa~a.2206314208~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=330x250&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2670&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280%2C422x280&nras=4&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=635&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nBG1asRk1H&p=https%3A//vncare.net&dtd=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3484
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuBn45fSFBN_Jok9WqMJa0&google_cver=1&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdTOUgxSzAtMjMtSTJHUg==&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5U5jXjlKC_6mTookNMKoE0rds3_...

170 B
329 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdTOUgxSzAtMjMtSTJHUg==&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5U5jXjlKC_6mTookNMKoE0rds3_LppSRSv6C9gIS_o77NHqgDpWJFFjvWf-7lzMp4uJQ0_kWCshoZdrD9d3A

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdTOUgxSzAtMjMtSTJHUg==&google_push=Aer7DvLoWDQ1jEZ4_OgNjtJ1TZrG1lZZ3sjZtgAk8GMXL1sigTQ2gI8YkD_d6TRQVHaj5Rh2pM5U5jXjlKC_6mTookNMKoE0rds3_LppSRSv6C9gIS_o77NHqgDpWJFFjvWf-7lzMp4uJQ0_kWCshoZdrD9d3A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3484
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENHDQXtS9Tp45N1AdRxPdxw&google_cver=1&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gW...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gWTURXAdgwFv-i9MH8bpgyt-wv25M23e4dZH6C2NziPjoFhCEe...

170 B
232 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gWTURXAdgwFv-i9MH8bpgyt-wv25M23e4dZH6C2NziPjoFhCEel6kDfKiNeOlKnojJpELUeFMINLQvkS0sLZgU9KkeQ-q_ii&google_hm=6-f1ULb2RvSQwU-amwvDWKM

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJ1cmr1Ik3kzIDH9ItZA51oA_JUB-qW958gTofsf1sMWGXHCt_utNJ0p_j_gWTURXAdgwFv-i9MH8bpgyt-wv25M23e4dZH6C2NziPjoFhCEel6kDfKiNeOlKnojJpELUeFMINLQvkS0sLZgU9KkeQ-q_ii&google_hm=6-f1ULb2RvSQwU-amwvDWKM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 3484
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECI4n9mLBWpYsuaRJ-saVbo&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvInLlD97hQ4djoeHxxaj_gXZ2jfDmzfhcl0IjfSIOKBOiFd2d2IbFQIRwDP8gN29qH63ukVtGqd2OlboSIsJIb9RY0BhJKjLsFsZ2Htl0X0qxjQh...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

60ms
60ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 22 Apr 2023 17:35:28 GMT
pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3484 0
130 B 51ms
15ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmiHhsI0wnsn7JJWr4Ozi5g8cTM_QdDrLHbp85reuK4tw8JTKHxEcvL3IEMS0oQobDsHUSHe4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC69 15 KB
16 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 1873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC69 15 KB
16 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 7835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:24:53 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B40 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 13:21:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C791 6 KB
695 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 17:27:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C791 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C791 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjo4O3xpEZKnYEZCAkgOF_62wDdvN64pw6-LBk44RsdKBvOcCEAEgpafvHmCV4pCCoAegAbzl-qoByAEJqAMByAPLBKoEywFP0Aab4zzSEdGfaat1BPy98mmBX2yWU7mXhzrXAHUuMvCL8Wj1b1pQj2_IQFU-YgEbb9W76XCTo2dl9pGHbT8_Cr5Pihw4ID45_nTKta0X2m6OKaXBn4oeUTTn_eWunDjkJyrpS-1aMHtKhQlXeu2i_Xhbld9yiLdLHrIBAysQ5Md1f0xnTATuPzX0GqIPygRV---At-XBMtKdRp6SO0PP1lILHAd5N-4LIVozwml7gTowLQnBwwuhWe1PaVgoJNqYlu5wHYc8HW6fBcAEsaCRmKkEkgUECAQYAZIFBAgFGASgBi6AB6yahdUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQu7EC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=hq4zVzt1xAg&uach_m=[UACH]&cid=CAQSPABygQiD3atNoslrEduDuE3qBr-D04WCDZo4xKF_bpY0Hkjm7l2ewYmPU_JXNohX64uRB7TSUQFdu908yxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 17:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C791 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 15:45:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C791 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 14:55:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C791 19 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 06:15:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C791 0
0 16ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzBhaEtG-prbOZq8okDgRG5L6vmuIWM_T26m0ktnGSaFvIiI3t-1ve9x8czPnwMmPrvZx39yyU0uRyZxLAS4a-JsG4GA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C791 159 KB
49 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 17:35:28 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame C791 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6250483642341616301/ Frame C791 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6250483642341616301/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3bcf277c36efdeab24ebef2e0084b2aebdb8644cc90429fdc682690be0c19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:07:46 GMT
x-content-type-options: nosniff
age: 5262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 14:19:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:07:46 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12826209201900956560/ Frame C791 12 KB
12 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12826209201900956560/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ee3986733f04cc154ffbbdb759c111957b9cbb844bb1220bd096729b45e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:31:30 GMT
x-content-type-options: nosniff
age: 83038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12151
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 14:32:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Apr 2024 18:31:30 GMT

GET
DATA 200
OK truncated
/ Frame C791 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7FB5 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C791 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5484873e2e918333bfefa611442d92887ffe5559ff5e32f0f843c33bbddd699

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7FB5 35 B
464 B 33ms
7ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB3dtT__nKfuabeXBuOcZzM&google_cver=1&google_push=Aer7DvIycERXSGBZSL-0QlD4eedgwMteaO2Vux48PPtFiGglFCEnULg9ucEpLfF9JCjYM44_j1H9aY-cqz1t_vKHGO40h_-I6Brv0AAf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7FB5 0
103 B 166ms
25ms Image
text/plain 89.207.16.204
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFFVm2SCN4H-nySf99JVyjA&google_cver=1&google_push=Aer7DvK1Zoho0PVkFjMGuCezzR6W_Y-661QXl656toWSM0W-iDFFDuooMHoxO4UOZF85vudivvuCjTcuKZGrIF9Tb8tPzfexqo_58wGE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvJ4554zyy20doRtzfQFYSGI3HAUSR71i5dTrzY2SMM...

170 B
188 B

16ms
15ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvJ4554zyy20doRtzfQFYSGI3HAUSR71i5dTrzY2SMMpYCCuwFs_Czl0dmr4H_9SC3nbwIstdqJkinlURllsIJdsIk1p7-SD7Emx

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 17:35:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0bdcd692e53b93ca1@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M2piNVhzOGoxUFFoOFk1&google_gid=CAESEKj7U-7ne0XfFx9f0aK2aHk&google_cver=1&google_push=Aer7DvJ4554zyy20doRtzfQFYSGI3HAUSR71i5dTrzY2SMMpYCCuwFs_Czl0dmr4H_9SC3nbwIstdqJkinlURllsIJdsIk1p7-SD7Emx
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEjCbsiQXvGpPVao3mLzZnQ&google_push=Aer7DvJxeKGIG4Qm9PXJ2X5HiF0ZHV2EkWiV3O-yxxRHzECrfQF_bIaico...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEjCbsiQXvGpPVao3mLzZnQ&google_push=Aer7DvJxeKGIG4Qm9PXJ2X5HiF0ZHV2EkWiV3O-yxxRHzECrfQF_bIaicoAiIuFhELQ4YMkCr7y7Yo9O7I8m2L4S5R-vR1Vtn1NpXdM

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230096-FRA
pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1682184928.283976,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEjCbsiQXvGpPVao3mLzZnQ&google_push=Aer7DvJxeKGIG4Qm9PXJ2X5HiF0ZHV2EkWiV3O-yxxRHzECrfQF_bIaicoAiIuFhELQ4YMkCr7y7Yo9O7I8m2L4S5R-vR1Vtn1NpXdM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMhGI5U2rhbzTnXb0not2gU&google_cver=1&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDK...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMhGI5U2rhbzTnXb0not2gU&google_cver=1&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9t...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3c81c103-c6a9-4112-8862-dca9d2d15d03&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU&google_hm=TckdZGCjQLqZv1EhFrK2...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU&google_hm=TckdZGCjQLqZv1EhFrK2Aw==

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLmLhsjZJ__jriBXdxpGzT8ybXjHj3dRU49wpotVpVjvI3VZJwV93DBwiUJl2Wlzcdel29BPUWJl6cd9tongyDKRvlXOImiAxU&google_hm=TckdZGCjQLqZv1EhFrK2Aw==
date: Sat, 22 Apr 2023 17:35:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKn7niXG04vSuzD0FWG0C8Q&google_cver=1&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvf...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvfbpI2uXwGk&google_hm=eS1GUVBPRF94RTJwRl...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvfbpI2uXwGk&google_hm=eS1GUVBPRF94RTJwRlIyX2Z3VDVYc3c5SFFSbXRVeWRKcX5B

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Apr 2023 17:35:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLT_9sz1g2W1KLzx9auyYM_YtztUYqBlhkHmH85NjNkplpMR12giyhMFP5WleGM1B336RKNpcZjhKD65KsFClELyvfbpI2uXwGk&google_hm=eS1GUVBPRF94RTJwRlIyX2Z3VDVYc3c5SFFSbXRVeWRKcX5B
content-length: 0

GET
H2 200 trk
ag.innovid.com/ Frame 7FB5 43 B
297 B 215ms
22ms Image
image/gif 2a05:d01c:1d8:8100:cb45:3ea5:a730:a682
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJ15m83Zsz3snS9T6ZrA5Sg&google_cver=1&google_push=Aer7DvJAVI5XxlWr3pgpoiMctNlrRGLNLLM_8cap7LEhjR8dhSnnZ87KcCzVO1mHpd-7AIfFgp8MLV5v4rQA5PFszLfB3Sz9AW5rCgY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1692867288&adf=3719226619&pi=t.aa~a.1043414356~rp.1&w=422&fwrn=4&fwrnh=100&lmt=1682184927&rafmt=1&to=qs&pwprc=7526812580&format=422x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184927109&bpp=1&bdt=2669&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafb5a9bb19c8e7dc-22f89a675fdf00ea%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA&gpic=UID%3D00000bee306f3850%3AT%3D1682184926%3ART%3D1682184926%3AS%3DALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg&prev_fmts=0x0%2C611x280&nras=3&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&psts=AHQMDFfAo6jWCNU9zxNzevsO2haiSD0hsqwjDwotHNArLyxnWKTM33y2EaSYXn3F9zidhOqEFwqdV7jr5pII&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QuPkPtx84l&p=https%3A//vncare.net&dtd=81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:cb45:3ea5:a730:a682 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7FB5 0
12 B 15ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4US_iHY99dLeprnmzEB9EhUxpz5tCMTH2YS2ooCO6ZdZJg-anuMSQyOcLdxO0ugDa_9h9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C791 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 1873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C791 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 7835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:24:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D12 0
127 B 16ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Apr 2023 17:35:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame AA47 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 13:21:44 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 97ms
97ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 22 Apr 2023 17:35:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
675 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Requested by

Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/18754d60df1.app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2259f032340632fba8092f5b0da85ffa81d34abd5f8ef0a9e5632fee437dc483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 16:21:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 17:35:28 GMT

GET
H2 400 hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv Show response
api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/ 822 B
626 B 1000ms
269ms XHR
application/json 35.213.167.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv?v=6&x-user-ref=hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv
Requested by: Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/18754d60df1.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.167.91 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 91.167.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 1078163679c3c7b851d99064333b532b1d153e00c38b3a55179a64a621ae526f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:29 GMT
content-encoding: gzip
via: 1.1 google
x-api-time: 15.468603ms
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vncare.net
access-control-allow-credentials: true
x-api-host: api-778485d4dd-ld8sz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC4D 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh7kChor3RaZ0RnFOAQkmj3acTlN4W4YfGla3N-nFCFjvjHKE9bqubqrVJBs_4Nsae3SlrFv2poc7gVpSR5pUvjGxrBjo_Pjp8ZR7MW0KeV9tvD5hG0E2618hHmu4ldBNzOIlhDw&sai=AMfl-YS-hR6tYLlQq1MCcYQrlQbrzj23JAXoB4jSOKSGYMRNV1_rHw24VjJ4K56u0FYtpAaEmjRF4FkCvAlK&sig=Cg0ArKJSzAk4IAhR2k0QEAE&cid=CAQSGwBygQiDtjOoICQpNH_uP38_Dtnp_0JZH3KGmBgB&id=lidar2&mcvt=1020&p=0,0,124,1005&mtos=102,787,1020,1128,1245&tos=102,685,233,108,117&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682184927272&rpt=148&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:07:52 GMT
x-content-type-options: nosniff
age: 235656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 00:07:52 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 56 KB
56 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:07:54 GMT
x-content-type-options: nosniff
age: 235654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56968
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:29:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 00:07:54 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4e131ca9a592d8d092e617c759bc5ac35d411a11fdf1610ba834330ab94d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:34 GMT
x-content-type-options: nosniff
age: 142194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8640
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:53:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:34 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&RedC=c.clarity.ms&MXFR=3A45AACD1D5369E3366FB836195367E4
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&MUID=12A37B14E0A56A7717DE69EFE1A56B4C

42 B
466 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&MUID=12A37B14E0A56A7717DE69EFE1A56B4C
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:29 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 17:35:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 784290B716954A3993A9A333860CD6F5 Ref B: FRAEDGE1720 Ref C: 2023-04-22T17:35:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4C1E75F4BAB14815A8C0BE9AB60459C1&MUID=12A37B14E0A56A7717DE69EFE1A56B4C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3169303bb21816a26de806b09b192c871eb9422dd1f6a36d4af6d2f276d29d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11343
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 17:35:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A8B 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 15:06:44 GMT
expires: Sun, 21 Apr 2024 15:06:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F17C 783 B
535 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7332dc1ecdb18f341f2b7a1a917dc2ed21247113513d0a5b09ea309e6b63bf99

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-33vqewLq2oRSeduDRbjP7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-33vqewLq2oRSeduDRbjP7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 17:35:29 GMT
expires: Sat, 22 Apr 2023 17:35:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A8B 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 13:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 13:21:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F17C 0
0 41ms
41ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=151659908809941&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A8B 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_dK8_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=151659908809941&bg=!Hh2lHUnNAAYfNdXmPzU7ADkAdvg8Wl4mBYKbuKHuCa3bYwnp4ExYxJ9nenQLPqTY4edfvgvgXylWlqZ8Kjd9akvS6pDIuN7M9bkCAAAAT1IAAAACaAEHCgAFvtMfNEWZAsSLAjHaNmaZzVh1mNSH5eWBPmV88Q2Zi4y3UkxSIqxYRWWdojlvSa7LljWE_Jg7jqX6r7e9d1qwQZYhygBwPeGGwpvpkeXTq90ZJd_GyxR1ZEUSSlLXuY7JPLCrubPKgpPdfIM7nPqryctzGb6pMDDehDOlvm2U9F6PpU6ZhHvh8LKdnNcYvR-B6qmlJGsHOp04oTUbGDePqgpxoM5QIuIksKu-8RsPaSFfrN4UnEpDd11F7wNTGCXsz6H_v3oTetia6lywjUYKLRRKfVDN-nuWOd65AqDhGltpl7KSFkc4S5deDXDV81cdip6vaXMTqzFRJt3hdyz8tIVDrRIGKvldtPAUOcmOlZ1HdTNgHgmN-FU1fmFQj1gMym_3eAmK8DuamrumrOhi4P03RY0DTg0Uq5xc-DPGKC8806D5FBRMJi6Y4D32W1Az8sUmNHR7TA9TxtbOaS9UDUfqpH5tQAItkVzz8Hn4TZptwwQiVKlI8hy8t1rdZ_aTCImOpMk29tyxDq5h3NI1Tqcm_BAEK1Pvy2QO8g1d0XPPtJfx1-B0OgUUSUIKVfJ15OGLWsclaECMVQrkk5_llckFH3FlUO5Rh5By80vmUjv-YKqw-3bdrvST8ecide9PAvJ3mxbMUsZen9LlJcw3HAWStl_HyQ0UpsQfV-eFPZTDgTQ-aLs904MdUXH-GIRh9aEhRDUCFBQKAUii0Zu-OOfDUva_QuVhHFogy7FTCWgbBclGK6ZWIYOUS9_zs9kaCcW1f7zdYSN6pdEBv6JDjGxnArXN8FR34u8ml6kN2xYiZrOQV0LGlyeLRIlrS5uk0CKnimbZVlo0NtC0Kqn2MbWbIGeIk5oDpp8SWBdOE9L66SOkwf-N5z8zgKZvurzYaggcL-3jBoHwOw3_KF9kQT6dl_TxK9AAh4P90cCkwWmhwCFiBsvKwqduxkI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 97ms
96ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 22 Apr 2023 17:35:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 400 hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv Show response
api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/ 822 B
458 B 254ms
253ms XHR
application/json 35.213.167.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv?v=6&x-user-ref=hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv
Requested by: Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/18754d60df1.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.167.91 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 91.167.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 1078163679c3c7b851d99064333b532b1d153e00c38b3a55179a64a621ae526f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:35:31 GMT
content-encoding: gzip
via: 1.1 google
x-api-time: 99.817Âµs
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vncare.net
access-control-allow-credentials: true
x-api-host: api-778485d4dd-ld8sz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: payment-api.vietnamkhoemanh.vn
URL: https://payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/totalDonate

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vncare.net/	1970-01-20 11:16:32	Name: XSRF-TOKEN Value: eyJpdiI6IlVqbEhUb29rQ1hrRHBRVmNoeW95cmc9PSIsInZhbHVlIjoiUHcwcEtKd1l4RU1PcllMVGZJRUtSQ2wzdWdvMWtuM3h3S3JIV05BNmtWdUVXaU1hTlNyWDQzWlNxODhYMlBORVRFR0hNaHRIV0QyMW5XdWU3QVVBbkZ4dDU2NFl3aWttdGUzM2daVWNJaWlDbFJMNjlVQzVYdW0xdGhPNWxNSTYiLCJtYWMiOiJkYjQwYmNkYzIwZTAxYjhlMjhkYjlkNGI4MDhiNzgwNGFjM2E1YzlkOGNlMjIxY2UyYzZkOWEyNWQyMTQ0NjZjIn0%3D
vncare.net/	1970-01-20 11:16:32	Name: laravel_session Value: eyJpdiI6IlY0QkpoaE9IWTRYamJXNUphRDJOMWc9PSIsInZhbHVlIjoiSE9HS214UkFSNm5QTVRvNjlraytUb0JlcHlQRzRhenAyMDJwM0U1NE1Ra0U5WkM4SVE3UVNxWi85NldrbDVYMmZNeU1oVVhJNDMzQjIrNjZOM2h2disybHdpRWc0VHZScWhqZUxGU2p6ZEFNWW1lc1JzcTdFZ20rREN1TXRXYmIiLCJtYWMiOiJhMzFkNmVkOGNiYzZhODdhOGQ1MzRiZGU2OGIwZWNjZDg5NDlhYzQwMzMyOTI5MzQ0MWYwNGU2NTFkNjUzMTU0In0%3D
.vncare.net/	1970-01-20 11:17:51	Name: _gid Value: GA1.2.340375461.1682184926
.vncare.net/	1970-01-20 11:16:24	Name: _gat_UA-155281519-1 Value: 1
.vncare.net/	1970-01-20 11:16:24	Name: _gat_gtag_UA_155281519_2 Value: 1
.vncare.net/	1970-01-20 20:52:24	Name: _ga_JCL28JS8H1 Value: GS1.1.1682184925.1.0.1682184925.0.0.0
.vncare.net/	1970-01-20 20:52:24	Name: _ga Value: GA1.1.484116870.1682184926
.vncare.net/	1970-01-20 20:52:24	Name: _ga_EFY07YGB54 Value: GS1.1.1682184926.1.0.1682184926.60.0.0
www.clarity.ms/	1970-01-20 20:02:00	Name: CLID Value: 1dea70cc964247928aad4f0062ad7e6e.20230422.20240421
.vncare.net/	1970-01-20 20:02:00	Name: _clck Value: ar8pu8\|1\|faz\|0
.vncare.net/	1970-01-20 20:38:00	Name: __gads Value: ID=afb5a9bb19c8e7dc-22f89a675fdf00ea:T=1682184926:RT=1682184926:S=ALNI_MZYKIO2hJBcZEh4f2W3A8TstkLsIA
.vncare.net/	1970-01-20 20:38:00	Name: __gpi Value: UID=00000bee306f3850:T=1682184926:RT=1682184926:S=ALNI_MbrbmyHp3akMzZzkwmRsSP2aQ6zDg
.vncare.net/	1970-01-20 11:17:51	Name: _clsk Value: ftxt6o\|1682184926576\|1\|1\|x.clarity.ms/collect
.doubleclick.net/	1970-01-20 20:38:00	Name: IDE Value: AHWqTUmdUrBwrJqAAFPiWDJh4-zrjHRVQwGnVC6aUxpoq4XQJpPQ4izSvzaZpkrUt_s
.doubleclick.net/	1970-01-20 11:16:25	Name: test_cookie Value: CheckForPermission
.ctnsnet.com/	1970-01-20 20:02:00	Name: gid_CAESENHDQXtS9Tp45N1AdRxPdxw Value: 1
.ctnsnet.com/	1970-01-20 20:02:00	Name: cid_ebe7f550b6f646f490c14f9a9b0bc358 Value: 1
.w55c.net/	1970-01-20 20:46:39	Name: wfivefivec Value: 3jb5Xs8j1PQh8Y5
.simpli.fi/	1970-01-20 20:03:27	Name: suid Value: 688266DB2C924C7A826781E16A60F1A1
.w55c.net/	1970-01-20 11:59:36	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 13:26:00	Name: d Value: EFgBCQHoKIEA
.quantserve.com/	1970-01-20 20:46:39	Name: mc Value: 64441ae0-41a8c-8fad3-9f84d
.yahoo.com/	1970-01-20 20:02:22	Name: A3 Value: d=AQABBOAaRGQCEC5Mt-n_9wtWZ9VUiQ2VJcgFEgEBAQFsRWRNZAAAAAAA_eMAAA&S=AQAAAmQ2094ibiP_rqZdzQGORy0
.everesttech.net/	1970-01-20 20:02:00	Name: everest_g_v2 Value: g_surferid~ZEQa4AAEsF9uBgBL
.innovid.com/	1970-01-20 13:26:00	Name: uuid Value: 45946bfe-e9d7-49a6-b5e5-d41d95bfede2-20230422 13:35:28
.bidswitch.net/	1970-01-20 20:02:00	Name: tuuid Value: 4dc91d64-60a3-40ba-99bf-512116b2b603
.bidswitch.net/	1970-01-20 20:02:00	Name: c Value: 1682184928
.bidswitch.net/	1970-01-20 20:02:00	Name: tuuid_lu Value: 1682184928
vncare.net/	1970-01-20 20:52:24	Name: __sbref Value: hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv
.sportradarserving.com/	1970-01-20 20:02:00	Name: zuuid Value: 3c81c103-c6a9-4112-8862-dca9d2d15d03
.sportradarserving.com/	1970-01-20 20:02:00	Name: c Value: 1682184928
.sportradarserving.com/	1970-01-20 20:02:00	Name: zuuid_lu Value: 1682184928
.sportradarserving.com/	1970-01-20 20:02:00	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 20:02:00	Name: zuuid_k_lu Value: 1682184928
.bing.com/	1970-01-20 20:38:00	Name: MUID Value: 12A37B14E0A56A7717DE69EFE1A56B4C
.c.bing.com/	1970-01-20 11:26:29	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:38:00	Name: SRM_B Value: 12A37B14E0A56A7717DE69EFE1A56B4C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:38:00	Name: MUID Value: 12A37B14E0A56A7717DE69EFE1A56B4C
.c.clarity.ms/	1970-01-20 11:26:29	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:16:25	Name: ANONCHK Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/totalDonate Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=4005066663&adf=1406287981&pi=t.aa~a.2766582420~rp.4&w=611&fwrn=4&fwrnh=100&lmt=1682184926&rafmt=1&to=qs&pwprc=7526812580&format=611x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682184925939&bpp=2&bdt=1500&idt=250&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8730483438130&frm=20&pv=1&ga_vid=484116870.1682184926&ga_sid=1682184926&ga_hid=1850398669&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=774&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31074065%2C44785295%2C44788442&oid=2&pvsid=151659908809941&tmod=1854497240&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PQF4HF3OeQ&p=https%3A//vncare.net&dtd=252 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv?v=6&x-user-ref=hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5581868270899806&fa=1&ifi=11&uci=a!b&btvi=3&xpc=PzDWuaB3b3&p=https%3A//vncare.net Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv?v=6&x-user-ref=hkfnjnwuxnhohbvtypywagaugixfiuosjtfrfjfv Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
angelbeauty.com.vn
api.sbz.vn
c.bing.com
c.clarity.ms
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
healthcare247.asia
imageproxy.eu.criteo.net
ius.ctnsnet.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment-api.vietnamkhoemanh.vn
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
thammyviengangwhoo.vn
theme.hstatic.net
tpc.googlesyndication.com
um.simpli.fi
vcdn.subiz-cdn.com
vncare.net
widget.subiz.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.clarity.ms
xmebeauty.com
payment-api.vietnamkhoemanh.vn
103.138.88.36
103.138.88.65
103.229.192.200
103.229.193.244
103.77.162.8
104.102.35.84
118.69.83.90
151.101.194.49
172.217.18.2
178.250.1.6
18.198.72.223
20.114.190.119
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:4700:10::ac43:ebf
2606:4700:20::681a:d2e
2606:4700::6811:190e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a02:2638:3::12
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a05:d018:d29:3605:be27:41a2:27d7:366f
2a05:d01c:1d8:8100:cb45:3ea5:a730:a682
3.124.38.23
34.160.236.64
35.186.193.173
35.204.74.118
35.213.167.91
52.59.49.11
68.219.88.97
69.173.144.139
89.207.16.204
05baed622a0406dd4c18b4de9e156c2d328a9789a3cfb7cc2b8a10a267696f0e
0717179a9c7a303584f25656079afd2ccf6fec9b94a30845b1382af5555bc9a7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0acd000b7821ba7535d7d3100e28d42e005dde81f5240da18ba0164444d75dcd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dda21faf5b861794316b16e7c8ff2ab3f7f84c685befd153e0c67d1f259b9ca
1078163679c3c7b851d99064333b532b1d153e00c38b3a55179a64a621ae526f
129e8fc930f2868133ba648df1b39a8ec00c55f0f20214aade81a544d94df1e7
14aab5a17344d0b1d6bd1884ff5bf4401dd2b8312439394f26a78b7032c4cd33
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
1faf62e63d03c8ab634f237a3fa2256ee6baf70295d91eb73d115c5051e590bf
2259f032340632fba8092f5b0da85ffa81d34abd5f8ef0a9e5632fee437dc483
255be54e5a172e958e8a7ec5dc5d5d6192bc95909a40afab98ffd262085d4586
280bf339063cc4ccbe449c44e0e355c609760c390d8affec4bbdf8255d94777f
2c10b7eeb5bdb3dd50c4ff41c7b17f6591fefe8ccd7667c382514087ea2f14d1
2c2608934fb8672013209b4a3cb8c6f1243aabadce24285521edc681375b2e04
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3169303bb21816a26de806b09b192c871eb9422dd1f6a36d4af6d2f276d29d01
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36f0f1bf903392d3f511881721f5114f07bbaea2b302413b1f7fd375efd14e1c
3ad6f4a86b46a79de4eec016386e544a346ee58ec0d28e06704f37703540b7ad
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
49c0e0ad53bd05cba0fe5e73cd1a5e3ff24265875d2e562001de80a45785cb34
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ee3986733f04cc154ffbbdb759c111957b9cbb844bb1220bd096729b45e70
511fe7997530ec63f24f0b9d80b80b8cc8d410f6c52cc41cf3b87a70c2f4a410
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
588a98c5d700038bc5528578f20210806bd6cd2120193f14241c58badbfe7e7b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d4c946d8331caf91ac63a04d2c5a1900abfbc3f1b81563333edecd1eb24ad3
6a0d5f1198f0b5d6a76bb8ec1ab89a44d582ebe188c7d0328151d708885bb6ce
6a5b5c119e29baff98f1cce6f2b309113093c38245dc23665417663cfdd94f78
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d58df06c903006249c8598d9604d36dd77edded7da7fa4f429d699bf367b9d0
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7332dc1ecdb18f341f2b7a1a917dc2ed21247113513d0a5b09ea309e6b63bf99
7611c948d6e3081c934a24046221a11dc812a5394405eb0680f8f7e75f174670
7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7cc56d258c6f121c54e07c3e797d1c41da07418e8a2fc69336d18ff6bf52a8fa
830bde98f84de1d3b00b26c1267f5b16cd3b868e05b198336453c2967cd88542
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
86dc9c044d51fdbd457ecb9d325fffb7659c517a3736677ef2cecdc99993181c
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3bcf277c36efdeab24ebef2e0084b2aebdb8644cc90429fdc682690be0c19e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bee4ef2f7ff3d78596a839336b56d6a7740718478ed95c4fddd7099b6fd7377
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2ff863713a2af74627cc821ca8d650eeaff248d4bd9594a59ced297f074c58d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a0c7bc16188cacb621407cb542dd5e0bb446da5598f48ff1b53f5ac335c1cc
a95e4bb8452e8157ee3609e229a0f225c077f1e37da486372a10571af47e2544
ac4e131ca9a592d8d092e617c759bc5ac35d411a11fdf1610ba834330ab94d91
ad5fe8676b0575ec7c153706ff94e57eee1fb5b980b272fd00d1df2d65ffeefd
ada1d35cdc4afdc786e57989643d4d37db34ed53c605e6d3b131bd122a2421bc
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
afec36c7fafe144cf9764838c9a4b904620574aa3ff0e916463cbc9a48d02d78
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
be80913591c17f790159d4359575ae734126a3f10c646a12e496fa85dc412faf
c239f25cc0dd9c52307c39af6ff09742b27dc765f8e5693c1bf70b42462fa5d6
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c65682c02e2f09d4b9b564cc342181a511e87b9112e50136c4037be2d0ac81a3
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb8dba1403dc61aa8a33dedc4ba6471a9363d0736aaad60f0ae4ac4ee4bfc804
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d51b25919a323fc2c25976593c810742e0d961f6e07234c748358077919fa47f
d5484873e2e918333bfefa611442d92887ffe5559ff5e32f0f843c33bbddd699
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e19c3dee6442b5ec54cf729160788bc97767ee0a269e815b2fd4ac19308f9221
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e6c5d9c776a3337cab158f0cc40633c067389097c0b70e97037f87e8f6bcb3d0
e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3
ec043b3f5806877efdd0eab74639a8b8ab1b6305e6b766c5af5c4594ee1b6f2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f3c244d4e5a3dc2d17ce90f42a081749584de0ff8ac77bab2b67b1a2730e4c2c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff6b89f29d4ba3d9f62a868f6735294942e07d9730ba38fd2ba70f77b3d58fc2

vncare.net Open in urlscan Pro 103.229.193.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

94 %HTTPS

58 %IPv6

38 Domains

52 Subdomains

41 IPs

9 Countries

3275 kBTransfer

6734 kBSize

41 Cookies

80 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vncare.net Open in urlscan Pro
103.229.193.244 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

94 %
HTTPS

58 %
IPv6

38
Domains

52
Subdomains

41
IPs

9
Countries

3275 kB
Transfer

6734 kB
Size

41
Cookies

173 HTTP transactions
6 data transactions