nganhangs.com Open in urlscan Pro
125.212.226.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nganhangs.com/
Effective URL:
https://nganhangs.com/
Submission: On March 05 via api (March 5th 2023, 3:48:23 am UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 79 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 29 domains to perform 147 HTTP transactions. The main IP is 125.212.226.33, located in Hanoi, Viet Nam and belongs to VTDC-AS-VN Vietel - CHT Compamy Ltd, VN. The main domain is nganhangs.com.
TLS certificate: Issued by R3 on February 6th 2023. Valid for: 3 months.

This is the only time nganhangs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	125.212.226.33 125.212.226.33	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
3	125.212.226.20 125.212.226.20	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
17	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3 34	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2 2	52.58.237.138 52.58.237.138	16509 (AMAZON-02) (AMAZON-02)
7	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	2600:9000:220... 2600:9000:2204:a200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.196.104.151 18.196.104.151	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.180.198 142.250.180.198	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
147	31

2 125.212.226.33 (Hanoi, Viet Nam) 1 redirects

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

nganhangs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 125.212.226.20 (Hanoi, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

s.tainhaccho.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:400d:80d::2001 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.237.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-237-138.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:a200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.104.151 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-151.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.87.133.65 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	476 KB
25	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 ad.doubleclick.net — Cisco Umbrella Rank: 171	180 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 625 pix.eu.criteo.net — Cisco Umbrella Rank: 7936 csm.eu.criteo.net — Cisco Umbrella Rank: 8487	226 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27714 ad4m.at — Cisco Umbrella Rank: 9563 assets.ad4m.at — Cisco Umbrella Rank: 36511	810 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	88 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	340 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13386 ads.eu.criteo.com — Cisco Umbrella Rank: 8414 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9974	53 KB
3	tainhaccho.vn s.tainhaccho.vn — Cisco Umbrella Rank: 428706	169 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16123	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	791 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98313 static-de.ad4mat.net — Cisco Umbrella Rank: 125900	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
2	nganhangs.com 1 redirects nganhangs.com	8 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 64834	473 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 79815	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 68257	438 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 71628	262 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	446 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1865	172 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34240	611 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	606 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	44 KB
147	29

	Domain	Requested by
34	tpc.googlesyndication.com	3 redirects googleads.g.doubleclick.net nganhangs.com pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	nganhangs.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net nganhangs.com
10	static.criteo.net	ads.eu.criteo.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	pix.eu.criteo.net	ads.eu.criteo.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	s.tainhaccho.vn	nganhangs.com s.tainhaccho.vn
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	nganhangs.com	1 redirects
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	prod-rtb.ad4mat.net	nganhangs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	nganhangs.com
147	41

This site contains links to these domains. Also see Links.

Domain
agribank.nganhangs.com
bidv.nganhangs.com
vietinbank.nganhangs.com
vietcombank.nganhangs.com
techcombank.nganhangs.com
lienvietpostbank.nganhangs.com
acb.nganhangs.com
vpbank.nganhangs.com
dongabank.nganhangs.com
shb.nganhangs.com
mbbank.nganhangs.com
msb.nganhangs.com
scb.nganhangs.com
eximbank.nganhangs.com
seabank.nganhangs.com
vib.nganhangs.com
kienlongbank.nganhangs.com
oceanbank.nganhangs.com
abbank.nganhangs.com
hdbank.nganhangs.com
cbbank.nganhangs.com
vietabank.nganhangs.com
pvcombank.nganhangs.com
pgbank.nganhangs.com
ncb.nganhangs.com
ocb.nganhangs.com
sacombank.nganhangs.com
tpbank.nganhangs.com
bacabank.nganhangs.com
namabank.nganhangs.com
gpbank.nganhangs.com
anzbank.nganhangs.com
vietcapitalbank.nganhangs.com
vietbank.nganhangs.com
baovietbank.nganhangs.com
bankofvietnam.nganhangs.com
vdb.nganhangs.com
shinhanbank.nganhangs.com
citibank.nganhangs.com
hsbc.nganhangs.com
wooribank.nganhangs.com
deutschebank.nganhangs.com
commonwealthbank.nganhangs.com
uob.nganhangs.com
pbvn.nganhangs.com
cimbbank.nganhangs.com
bankofchina.nganhangs.com
southernbank.nganhangs.com
mdb.nganhangs.com

Subject Issuer	Validity	Valid
*.astro.zzz.vn R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://nganhangs.com/
Frame ID: DE0DE57303E34F061CADC041050A8326
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: A554E50E85DE6319717268AAEF53846F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=100&slotname=8016901612&adk=1569719338&adf=759782219&pi=t.ma~as.8016901612&w=320&lmt=1677988095&format=320x100&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094892&bpp=15&bdt=4399&idt=139&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=5094268564545&frm=20&pv=2&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2rgK3V6CJo&p=https%3A//nganhangs.com&dtd=159
Frame ID: 15F3D208697776E0924E4006811DCB8F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=250&slotname=3954313612&adk=3919420565&adf=1363369206&pi=t.ma~as.3954313612&w=300&lmt=1677988095&format=300x250&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094929&bpp=3&bdt=4436&idt=130&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GLJXKVGjlK&p=https%3A//nganhangs.com&dtd=133
Frame ID: C513DA66C7B0A8358051720DA936C843
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&adk=1812271804&adf=3025194257&lmt=1677988095&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnganhangs.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095131&bpp=1&bdt=4638&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C300x250&nras=1&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=14
Frame ID: 3E1422DB30215412D09DC8E948ABF21C
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAQQ_wABRYAH_Ya8AA_bdNfi3bpkN9HiPzI0ug&u=%7C8tRUJWsFTb2zaAolTsGeLv3k0N1mEkEYWjdLCNiDZY4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6xYuY_TMaYyggnppaH2YtyB3R8O-JNyzY1ZrvcXQmPHKnPS2BlqKCe1EQ3_BD8b9MregYl-jWyGpMZzz7z2XjyKtIYdlEy4dhaKSj9-rGNoiDUPFw-WH9363n3xSIzDKbLc-JTnokNNk4PZ-OG7_9virDThscnNSPPXwxliiaSXtAaM684lSjzvgo7nrzUjecVG1T2Hvvmvf2AC-nnVbK7F7ySQpJRknlgVxVpcw41pzbRdz_zzfQ5ewvT4H4dIm0XjpK-DT7NyDd2JO1TXgTFPDIZsRK2vFKfmbS3E0Kscf9WT30igkyHRYuTsxo8-K1T3YX6onk2dYc19kKy-ozSJeqTsZyZWT_YZeKXNwcjT6VmotfJ-Rtob99wanvLhKIXM0upZR_JcHaXrOdqxuY1hvBE5SSVQL7zh940fgAXsA-R0LGDQQmmtX__duIgz7J8T1BRV_NobEe1Q9RaBXbowYKlL4FrzZxcUDjrA8FyKLtRq9DGmT28TcXqeOwb7HP5dNQCRfSBV_5d-_F2TllsugzUKn7ImmHjAicpvzO2Nb45NT36BEe5U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeCa_xAEZICLBbyN9u8P9La_oArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTI5ODgzMDQ5MTkzMDAzMTnIAQmpAnWupgio17E-qAMBqgTAAU_Qv28GybDiPTZw5JFG_7ZKHVLoPkLxbRfrwzcfh9zJFhTkwd44ETO7_Fvp9knoiSCaqnBdwcI7Z9tShr2gFG2Id2_ODJVkRxPRmIpA757xGe5M7u6g22TsC4mgmPYoX0tLV28wQemxWu-oVQ2h3_nUMmJ3kKgBcBP6E5LwqL8GrGGlrvORj8EsJ-UiHXGbRZFQ0md-oIiEnMt6iIzB9X1AFnOgqtHmWUSCaGevUhxqsVLwBh3pprC3K0EGVOhfpIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2d3ti8cIqy22TDNKa66CPXFBBz3w%26client%3Dca-pub-2988304919300319%26adurl%3D
Frame ID: AFDEF6FC685965250A214A7E8584DBE9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15
Frame ID: 87CB76F891F72E0A354181087C137798
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 92FCCD265EC20328FADD324E1A6B2645
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: DAB76875501E61871E64D7DF14DA12FA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 151E41F3D04FD37962A125449DB49959
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: DADB8B35B649E3C1A473E40FFDDFA2EC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Frame ID: 89D0006704D9903673A32ED55A04CFD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CYsF7_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEvQFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZCOfiSeHz9O25b8jT3XZ0rqcCccHeRXf_xC-HCDszIxjzTnI2exqABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5ODgzMDQ5MTkzMDAzMTkYAA&sigh=nyDMdW9kzM4&uach_m=[UACH]&cid=CAQSOwDUE5ymDjH2X1QTcFq8r3EEY0E0W_vNKQ7LQCz4c74m1IKsZq9qvjc7yHzaqt79CN3zKgUh3YoWwQNQGAE
Frame ID: 187F273D9CF6FF14805BE46355196C0C
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D
Frame ID: 215FDAD3C5EDF082E0C67091101F1C64
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 854A70A45C41E16E59885E0F7B6085E1
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E6B08C4A1A20A277CC69D726C5BB6FF8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 81726C9E4F6E46A487DF53B719CD22C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Frame ID: 5A0C59AFC58E67A0000F4B8F37839EEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Frame ID: 4C65C8A57134BCD8EB13BE3B39170220
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Frame ID: B8D78DD2F0EAE14FF3FFEDCC468329AB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A88D1BE8215C941B78823261167BA0AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Frame ID: 94A21E38DC2B7E35C2B2C05BCCCD2F43
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Frame ID: F63A755F6704690A9C9FD59D522A6612
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E330E876EE458D9E9FB877BD238B31E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4708F9973D6239BA91DD8235BC2B3D69
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thông tin chi nhánh và ATM các ngân hàng ở Việt Nam

Page URL History Show full URLs

http://nganhangs.com/ HTTP 301
https://nganhangs.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

147
Requests

93 %
HTTPS

63 %
IPv6

29
Domains

41
Subdomains

31
IPs

8
Countries

2432 kB
Transfer

5186 kB
Size

29
Cookies

79 Outgoing links

These are links going to different origins than the main page.

URL: https://agribank.nganhangs.com/
Title: Agribank

Search URL Search Domain Scan URL

URL: https://bidv.nganhangs.com/
Title: BIDV

Search URL Search Domain Scan URL

URL: https://vietinbank.nganhangs.com/
Title: Vietinbank

Search URL Search Domain Scan URL

URL: https://vietcombank.nganhangs.com/
Title: Vietcombank

Search URL Search Domain Scan URL

URL: https://techcombank.nganhangs.com/
Title: Techcombank

Search URL Search Domain Scan URL

URL: https://lienvietpostbank.nganhangs.com/
Title: LienViet

Search URL Search Domain Scan URL

URL: https://acb.nganhangs.com/
Title: ACB

Search URL Search Domain Scan URL

URL: https://vpbank.nganhangs.com/
Title: VPBank

Search URL Search Domain Scan URL

URL: https://dongabank.nganhangs.com/
Title: DongABank

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/
Title: SHB

Search URL Search Domain Scan URL

URL: https://mbbank.nganhangs.com/
Title: MB

Search URL Search Domain Scan URL

URL: https://msb.nganhangs.com/
Title: MSB

Search URL Search Domain Scan URL

URL: https://scb.nganhangs.com/
Title: SCB

Search URL Search Domain Scan URL

URL: https://eximbank.nganhangs.com/
Title: Eximbank

Search URL Search Domain Scan URL

URL: https://seabank.nganhangs.com/
Title: SeaBank

Search URL Search Domain Scan URL

URL: https://vib.nganhangs.com/
Title: VIB

Search URL Search Domain Scan URL

URL: https://kienlongbank.nganhangs.com/
Title: Kienlongbank

Search URL Search Domain Scan URL

URL: https://oceanbank.nganhangs.com/
Title: Oceanbank

Search URL Search Domain Scan URL

URL: https://abbank.nganhangs.com/
Title: ABBank

Search URL Search Domain Scan URL

URL: https://hdbank.nganhangs.com/
Title: HDBank

Search URL Search Domain Scan URL

URL: https://cbbank.nganhangs.com/
Title: CBBank

Search URL Search Domain Scan URL

URL: https://vietabank.nganhangs.com/
Title: VietABank

Search URL Search Domain Scan URL

URL: https://pvcombank.nganhangs.com/
Title: PVcomBank

Search URL Search Domain Scan URL

URL: https://pgbank.nganhangs.com/
Title: PGBank

Search URL Search Domain Scan URL

URL: https://ncb.nganhangs.com/
Title: NCB

Search URL Search Domain Scan URL

URL: https://ocb.nganhangs.com/
Title: OCB

Search URL Search Domain Scan URL

URL: https://sacombank.nganhangs.com/
Title: Sacombank

Search URL Search Domain Scan URL

URL: https://tpbank.nganhangs.com/
Title: TPBank

Search URL Search Domain Scan URL

URL: https://bacabank.nganhangs.com/
Title: BacABank

Search URL Search Domain Scan URL

URL: https://namabank.nganhangs.com/
Title: NamABank

Search URL Search Domain Scan URL

URL: https://gpbank.nganhangs.com/
Title: GPBank

Search URL Search Domain Scan URL

URL: https://anzbank.nganhangs.com/
Title: AnzBank

Search URL Search Domain Scan URL

URL: https://vietcapitalbank.nganhangs.com/
Title: VietCapitalBank

Search URL Search Domain Scan URL

URL: https://vietbank.nganhangs.com/
Title: VietBank

Search URL Search Domain Scan URL

URL: https://baovietbank.nganhangs.com/
Title: BaoVietBank

Search URL Search Domain Scan URL

URL: https://bankofvietnam.nganhangs.com/
Title: BankOfVietnam

Search URL Search Domain Scan URL

URL: https://vdb.nganhangs.com/
Title: VDB

Search URL Search Domain Scan URL

URL: https://shinhanbank.nganhangs.com/
Title: ShinhanBank

Search URL Search Domain Scan URL

URL: https://citibank.nganhangs.com/
Title: Citibank

Search URL Search Domain Scan URL

URL: https://hsbc.nganhangs.com/
Title: HSBC

Search URL Search Domain Scan URL

URL: https://wooribank.nganhangs.com/
Title: WooriBank

Search URL Search Domain Scan URL

URL: https://deutschebank.nganhangs.com/
Title: DeutscheBank

Search URL Search Domain Scan URL

URL: https://commonwealthbank.nganhangs.com/
Title: CommonwealthBank

Search URL Search Domain Scan URL

URL: https://uob.nganhangs.com/
Title: UOB

Search URL Search Domain Scan URL

URL: https://pbvn.nganhangs.com/
Title: PBVN

Search URL Search Domain Scan URL

URL: https://cimbbank.nganhangs.com/
Title: CIMBBank

Search URL Search Domain Scan URL

URL: https://bankofchina.nganhangs.com/
Title: BankOfChina

Search URL Search Domain Scan URL

URL: https://southernbank.nganhangs.com/
Title: SouthernBank

Search URL Search Domain Scan URL

URL: https://mdb.nganhangs.com/
Title: MDB

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/lai-chau/lai-chau/duong-dien-bien-phu/cn-lai-chau_adz
Title: Chi nhánh Lai Châu

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/kien-giang/kien-hai/xa-hon-tre/cn-kien-hai_aw6
Title: Chi nhánh Kiên Hải

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/thanh-hoa/ba-thuoc/duong-tinh-lo-217/cn-ba-thuoc_aj6
Title: Chi nhánh Bá Thước

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/ninh-binh/tam-diep/duong-quyet-thang/pgd-trung-son_a2f
Title: Phòng giao dịch Trung Sơn

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/thai-binh/tien-hai/xa-dong-long/pgd-dong-long_a81
Title: Phòng giao dịch Đông Long

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/hai-duong/ninh-giang/xa-tan-quang/pgd-tan-quang_aqk
Title: Phòng giao dịch Tân Quang

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/tuyen-quang/tuyen-quang/xa-luong-vuong/pgd-tan-binh-an_ar6
Title: Phòng Giao dịch Tân Bình An

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/ben-tre/giong-trom/xa-tan-hao/pgd-tan-hao_a4s
Title: Phòng giao dịch Tân Hào

Search URL Search Domain Scan URL

URL: https://mbbank.nganhangs.com/chi-nhanh/ha-noi/cau-giay/duong-hoang-quoc-viet/cn-hoang-quoc-viet_zq1
Title: Chi nhánh Hoàng Quốc Việt

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/ha-noi/ung-hoa/xa-dai-cuong/pgd-dai-cuong_aio
Title: Phòng giao dịch Đại Cường

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/nam-dinh/nam-dinh/duong-may-to/pgd-tran-hung-dao_a3i
Title: Phòng giao dịch Trần Hưng Đạo

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/ha-noi/dong-anh/xa-duc-tu/pgd-mai-lam_aac
Title: Phòng giao dịch Mai Lâm

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/kien-giang/chau-thanh/xa-mong-tho-b/pgd-cum-mong-tho_awk
Title: Phòng giao dịch Cụm Mong Thọ

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/can-tho/co-do/xa-trung-an/pgd-trung-an_axl
Title: Phòng giao dịch Trung An

Search URL Search Domain Scan URL

URL: https://agribank.nganhangs.com/chi-nhanh/ha-noi/soc-son/thi-tran-soc-son/pgd-trung-tam_8u
Title: Phòng giao dịch Trung tâm

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/thai-binh/vu-thu/xa-dung-nghia/atm-11260002-774-xa-dung-nghia_v9f
Title: ATM 11260002 (774) Xã Dũng Nghĩa

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/thai-binh/thai-binh/phuong-tran-hung-dao/atm-11260001-907-phuong-tran-hung-dao_v9g
Title: ATM 11260001 (907) Phường Trần Hưng Đạo

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/vinh-phuc/phuc-yen/duong-tran-hung-dao/atm-11250101-702-tran-hung-dao_v29
Title: ATM 11250101 (702) Trần Hưng Đạo

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/vinh-phuc/vinh-yen/duong-kim-ngoc/atm-11250004-kim-ngoc_v0f
Title: ATM 11250004 Kim Ngọc

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/vinh-phuc/vinh-yen/atm-11250003-1293-cty-tnhh-daewoo-apparel-viet-nam_v2z
Title: ATM 11250003 (1293) Cty TNHH DAEWOO APPAREL Việt Nam

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/vinh-phuc/vinh-yen/duong-me-linh/atm-11250001-628-me-lin_v28
Title: ATM 11250001 (628) Mê Lin

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/hai-phong/an-duong/phuong-an-hung/atm-11240003-753-cong-ty-may-quoc-te-michelle-vina_v5c
Title: ATM 11240003(753) Công ty May Quốc tế Michelle Vina

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/hai-phong/le-chan/duong-hang-kenh/atm-11230301-576-hang-ke_v49
Title: ATM 11230301(576) Hàng Kê

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/quang-ninh/ha-long/duong-25-4/atm-11220001-568-duong-25-4_v4u
Title: ATM 11220001(568) Đường 25/4

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/bac-ninh/tu-son/duong-ly-thai-to/atm-11210002-573-ly-thai-to_v3e
Title: ATM 11210002(573) Lý Thái Tổ

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/ha-noi/ha-dong/phuong-mo-lao/atm-11200002-phuong-mo-lao_wct
Title: ATM 11200002 Phường Mỗ Lao

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/ha-noi/hoan-kiem/phuong-hang-trong/atm-11180002-phuong-hang-trong_v0j
Title: ATM 11180002 Phường Hàng Trống

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/thai-nguyen/thai-nguyen/duong-duong-tu-minh/atm-11270002-duong-tu-minh_vzc
Title: ATM 11270002 Dương Tự Minh

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/thai-nguyen/pho-yen/atm-11270101-duong-truong-chinh-phuong-ba-hang_vzb
Title: ATM 11270101 đường Trường Chinh phường Ba Hàng

Search URL Search Domain Scan URL

URL: https://shb.nganhangs.com/cay-atm/khanh-hoa/nha-trang/duong-le-thanh-ton/atm-12030002-959-le-thanh-t_v6o
Title: ATM 12030002 (959) Lê Thánh T

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nganhangs.com/ HTTP 301
https://nganhangs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 104

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsmaZlKrTIt-btfuW5gwG6ewk_SwTe4s0mkBzVWZrXQu-aPWILCJq7vZnYA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsmaZlKrTIt-btfuW5gwG6ewk_SwTe4s0mkBzVWZrXQu-aPWILCJq7vZnYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T3hDT3dEMzExUHlGbTg1&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsmaZlKrTIt-btfuW5gwG6ewk_SwTe4s0mkBzVWZrXQu-aPWILCJq7vZnYA

Request Chain 105

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELyVcanEjTAplsqKL9ZH7as&google_cver=1&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY0IlQ7Basr4k9pk-wcRi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY0IlQ7Basr4k9pk-wcRi4&google_hm=U5MRTihSRx-4GODV-HYV_WU

Request Chain 107

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPiReVNvRHNzvXNa9Gdt6VM&google_cver=1&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbOE3BCf9p6H2NLcKLuCR2x8Ro HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPiReVNvRHNzvXNa9Gdt6VM&google_cver=1&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbOE3BCf9p6H2NLcKLuCR2x8Ro HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxMTM1NTY3NDU4OTA4NTA5Nw&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbOE3BCf9p6H2NLcKLuCR2x8Ro

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_cver=1&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGnXdXy_Tsht6SyUagJeGQwQc_XbeRlpzM-tUPe1b_Y2IL3XrO30qoF_IfxAnK1pdtog0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGnXdXy_Tsht6SyUagJeGQwQc_XbeRlpzM-tUPe1b_Y2IL3XrO30qoF_IfxAnK1pdtog0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_hm=ZAQRAJQEDPGXDfPBJ6ahpQAACJQAAAAB&google_nid=index&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGnXdXy_Tsht6SyUagJeGQwQc_XbeRlpzM-tUPe1b_Y2IL3XrO30qoF_IfxAnK1pdtog0

Request Chain 109

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEo24tonEsbZT7f0a0lQSUs&google_cver=1&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQEZ65ZDPsK1qNY9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQEZ65ZDPsK1qNY9w

Request Chain 110

https://match.360yield.com/match/ebda?google_gid=CAESEEYYaE21f8gT1Ho77AQFOyE&google_cver=1&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFrVgSRr5ccI HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEYYaE21f8gT1Ho77AQFOyE&google_cver=1&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFrVgSRr5ccI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TYOVlzxsTpyOM_ofYMHBmw&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFrVgSRr5ccI

Request Chain 115

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 119

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLH4y-Pww_0CFQqB_QcdoFkFZg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 145

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1677988096_9002f9c0-bb08-11ed-9881-2239064e14e3&insert=AW&&gdpr=0&gdpr_consent=

147 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nganhangs.com/
Redirect Chain

http://nganhangs.com/
https://nganhangs.com/

40 KB
8 KB

689ms
229ms

Document
text/html

125.212.226.33
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://nganhangs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.212.226.33 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: /
Resource Hash: ed773c71e49307a42a45ada232f27a113a6d6ee8c6ab32ab166aaefaa9a56521

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1330
cache-control: max-age=1800, public
content-encoding: gzip
content-length: 7816
content-type: text/html;charset=UTF-8
date: Sun, 05 Mar 2023 03:25:59 GMT
expires: Sun, 05 Mar 2023 03:56:00 GMT

Redirect headers

age: 0
connection: close
content-length: 0
date: Sun, 05 Mar 2023 03:48:09 GMT
location: https://nganhangs.com/

GET
H2 200 nh01.css
s.tainhaccho.vn/css/nganhang/ 30 KB
6 KB 4389ms
451ms Stylesheet
text/css 125.212.226.20
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tainhaccho.vn/css/nganhang/nh01.css
Requested by: Host: nganhangs.com
URL: https://nganhangs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.212.226.20 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: /
Resource Hash: 42ebd50a92c1ffd283607771976ef0781cd4b23ded88f9afad64026e12e86f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:53:16 GMT
content-encoding: gzip
age: 305697
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5813
expires: Sun, 03 Jan 2040 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 138ms
56ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

300072e571e9790f36bce7d2531f74b6321f5092c4d1d29a81f7cb2d9016fd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48434
x-xss-protection: 0
server: cafe
etag: 9227208944109575831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:10 GMT

GET
H2 200 jq.js Show response
s.tainhaccho.vn/js/ 85 KB
85 KB 4387ms
450ms Script
text/javascript 125.212.226.20
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tainhaccho.vn/js/jq.js
Requested by: Host: nganhangs.com
URL: https://nganhangs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.212.226.20 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
date: Wed, 01 Mar 2023 14:51:40 GMT
cache-control: public, max-age=31536000
age: 305793
accept-ranges: bytes
content-length: 86709
expires: Sun, 03 Jan 2040 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 58ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5334604-42

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d046aae671e978ca3055c6be4a32c0d3a63a74a37f8d57af615709d28541d43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44806
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 03:48:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame A554 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 19:20:12 GMT
etag: 2378337311435320485
expires: Sat, 18 Mar 2023 19:20:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 362 KB
119 KB 68ms
68ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2988304919300319&plah=nganhangs.com&bust=31072742

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9dfdaa3052c92b5c6c3ca648b69bd14c5af640a3c2004837a2b68d1354b025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122001
x-xss-protection: 0
server: cafe
etag: 6959816002217272037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:14 GMT

GET
H2 200 b.png
s.tainhaccho.vn/css/nganhang/images/ 78 KB
79 KB 444ms
444ms Image
image/png 125.212.226.20
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tainhaccho.vn/css/nganhang/images/b.png
Requested by: Host: s.tainhaccho.vn
URL: https://s.tainhaccho.vn/css/nganhang/nh01.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.212.226.20 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: /
Resource Hash: e816058647d210f8d34b9750266c4b230a3a840eab115a3840db261846890437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tainhaccho.vn/css/nganhang/nh01.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/png
date: Wed, 01 Mar 2023 14:53:16 GMT
cache-control: public, max-age=31536000
age: 305698
accept-ranges: bytes
content-length: 80374
expires: Sun, 03 Jan 2040 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 129ms
42ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nganhangs.com&callback=_gfp_s_&client=ca-pub-2988304919300319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2988304919300319&plah=nganhangs.com&bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c670776197e499445774c3a6173553b47feb3c5526b59976436497fee88c2920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 180ms
43ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nganhangs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 115ms
41ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nganhangs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15F3 106 KB
35 KB 312ms
311ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=100&slotname=8016901612&adk=1569719338&adf=759782219&pi=t.ma~as.8016901612&w=320&lmt=1677988095&format=320x100&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094892&bpp=15&bdt=4399&idt=139&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=5094268564545&frm=20&pv=2&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2rgK3V6CJo&p=https%3A//nganhangs.com&dtd=159

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

354802fb4ef4238d377ebbfe1d97bcb9c230ef94d48225effeb6ff81de5b49b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35240
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:15 GMT
expires: Sun, 05 Mar 2023 03:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C513 23 KB
10 KB 253ms
252ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=250&slotname=3954313612&adk=3919420565&adf=1363369206&pi=t.ma~as.3954313612&w=300&lmt=1677988095&format=300x250&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094929&bpp=3&bdt=4436&idt=130&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GLJXKVGjlK&p=https%3A//nganhangs.com&dtd=133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08c5ec3de7ac7fd5de23fb89c047439660bc2b6411b1c2da221114cceba25e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:15 GMT
expires: Sun, 05 Mar 2023 03:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=back-to-top&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E14 604 KB
98 KB 450ms
449ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&adk=1812271804&adf=3025194257&lmt=1677988095&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnganhangs.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095131&bpp=1&bdt=4638&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C300x250&nras=1&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e74f13644c40b8c8b6da102afae4aa68322e69ff870de3fa3313be4f3fd9612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99854
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:15 GMT
expires: Sun, 05 Mar 2023 03:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5334604-42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 03:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1716
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 05:19:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=404723163&t=pageview&_s=1&dl=https%3A%2F%2Fnganhangs.com%2F&ul=en-us&de=UTF-8&dt=Th%C3%B4ng%20tin%20chi%20nh%C3%A1nh%20v%C3%A0%20ATM%20c%C3%A1c%20ng%C3%A2n%20h%C3%A0ng%20%E1%BB%9F%20Vi%E1%BB%87t%20Nam&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=916184963&gjid=252508526&cid=981491925.1677988095&tid=UA-5334604-42&_gid=78127083.1677988095&_r=1&gtm=457e3310&z=1858055034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nganhangs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nganhangs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C513 3 KB
1 KB 129ms
41ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=250&slotname=3954313612&adk=3919420565&adf=1363369206&pi=t.ma~as.3954313612&w=300&lmt=1677988095&format=300x250&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094929&bpp=3&bdt=4436&idt=130&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GLJXKVGjlK&p=https%3A//nganhangs.com&dtd=133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C513 20 KB
9 KB 108ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C513 158 KB
49 KB 153ms
78ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C513 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl2Je_xAEZICLBbyN9u8P9La_oArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTI5ODgzMDQ5MTkzMDAzMTnIAQmpAnWupgio17E-qAMBqgS9AU_Qv28GybDiPTZw5JFG_7ZKHVLoPkLxbRfrwzcfh9zJFhTkwd44ETO7_Fvp9knoiSCaqnBdwcI7Z9tShr2gFG2Id2_ODJVkRxPRmIpA757xGe5M7u6g22TsC4mgmPYoX0tLV28wQemxWu-oVQ2h3_nUMmJ3kKgBcBP6E5LwqL8GrGGlrvORj8EsJ-UiHXGbRZFQ0md-oIjGnuroDwNd5sLcAtBwl3ceUFCI3m2BSp7eeW9W9KL3iqgygcUV64AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjk4ODMwNDkxOTMwMDMxORgA&sigh=os841QMXTAY&uach_m=[UACH]&cid=CAQSGwDUE5ym-PU1iGMLS4GhJhzTVMlIWxWfFdAAjBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=250&slotname=3954313612&adk=3919420565&adf=1363369206&pi=t.ma~as.3954313612&w=300&lmt=1677988095&format=300x250&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094929&bpp=3&bdt=4436&idt=130&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GLJXKVGjlK&p=https%3A//nganhangs.com&dtd=133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 03:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C513 0
0 171ms
13ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EN2BMKwC-gGdg2ICAgAAALKII1KRi_AwK-WvnBD-EARklTS3qKAv8QUTHQAAEgAACg5BUVVEQVFZQkFRRVBBUQ&wp=ZAQQ_wABRYAH_Ya8AA_bdNfi3bpkN9HiPzI0ug

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 194896
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AFDE 162 KB
53 KB 86ms
57ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAQQ_wABRYAH_Ya8AA_bdNfi3bpkN9HiPzI0ug&u=%7C8tRUJWsFTb2zaAolTsGeLv3k0N1mEkEYWjdLCNiDZY4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6xYuY_TMaYyggnppaH2YtyB3R8O-JNyzY1ZrvcXQmPHKnPS2BlqKCe1EQ3_BD8b9MregYl-jWyGpMZzz7z2XjyKtIYdlEy4dhaKSj9-rGNoiDUPFw-WH9363n3xSIzDKbLc-JTnokNNk4PZ-OG7_9virDThscnNSPPXwxliiaSXtAaM684lSjzvgo7nrzUjecVG1T2Hvvmvf2AC-nnVbK7F7ySQpJRknlgVxVpcw41pzbRdz_zzfQ5ewvT4H4dIm0XjpK-DT7NyDd2JO1TXgTFPDIZsRK2vFKfmbS3E0Kscf9WT30igkyHRYuTsxo8-K1T3YX6onk2dYc19kKy-ozSJeqTsZyZWT_YZeKXNwcjT6VmotfJ-Rtob99wanvLhKIXM0upZR_JcHaXrOdqxuY1hvBE5SSVQL7zh940fgAXsA-R0LGDQQmmtX__duIgz7J8T1BRV_NobEe1Q9RaBXbowYKlL4FrzZxcUDjrA8FyKLtRq9DGmT28TcXqeOwb7HP5dNQCRfSBV_5d-_F2TllsugzUKn7ImmHjAicpvzO2Nb45NT36BEe5U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeCa_xAEZICLBbyN9u8P9La_oArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTI5ODgzMDQ5MTkzMDAzMTnIAQmpAnWupgio17E-qAMBqgTAAU_Qv28GybDiPTZw5JFG_7ZKHVLoPkLxbRfrwzcfh9zJFhTkwd44ETO7_Fvp9knoiSCaqnBdwcI7Z9tShr2gFG2Id2_ODJVkRxPRmIpA757xGe5M7u6g22TsC4mgmPYoX0tLV28wQemxWu-oVQ2h3_nUMmJ3kKgBcBP6E5LwqL8GrGGlrvORj8EsJ-UiHXGbRZFQ0md-oIiEnMt6iIzB9X1AFnOgqtHmWUSCaGevUhxqsVLwBh3pprC3K0EGVOhfpIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2d3ti8cIqy22TDNKa66CPXFBBz3w%26client%3Dca-pub-2988304919300319%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e5d14ab3fcc3ce05c053ddb58862ba11d6424f75e1d8c508253aa875f95c6a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kofmSMN3C-aA7CVIGKjIaSfL6msLazrIR7lChv3gmz2VDqB3r0-XLoRXd6fSTsRoV9Ztu_WyMI8RW9KAlTKXYSNRSlLPuztRTO1znGnelUwXZJlsfy__P81An7eyZZRSTAlnxAtIJucxWyejkmMNTpCfS5J_nXTjyv_dZE00ET5p0o6d2sDbI1rsw5ZtHRPxWNpjEzYEafodQR4gbNtML3vKn5jsWwXeBlFFhyf__G2uEo6DyW0VRaB7-FQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42865871
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 15F3 4 KB
1 KB 106ms
45ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=100&slotname=8016901612&adk=1569719338&adf=759782219&pi=t.ma~as.8016901612&w=320&lmt=1677988095&format=320x100&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094892&bpp=15&bdt=4399&idt=139&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=5094268564545&frm=20&pv=2&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2rgK3V6CJo&p=https%3A//nganhangs.com&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 03:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 15F3 2 KB
818 B 97ms
41ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 15F3 22 KB
9 KB 78ms
22ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 15F3 3 KB
1 KB 93ms
42ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 15F3 20 KB
8 KB 81ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15F3 158 KB
48 KB 163ms
120ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 32a90be408c9c7ee7210a0b41533c7d1.js Show response
www.gstatic.com/mysidia/ Frame 15F3 34 KB
14 KB 107ms
21ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32a90be408c9c7ee7210a0b41533c7d1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14300
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 03:22:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15F3 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMQtS_xAEZMzBBKzB9u8Pr5Ob2A7vg8Shbr_Ir6y_DszHmqb9CBABIITe2x9gleKQgqAHoAGwuqHXA8gBCakCda6mCKjXsT6oAwHIA8sEqgTGAU_QZJyiMvZYTrKvoMxDG0eLpT8uSRtB9ZmbINaQt_siQT3TiBrVGERsN4gC0Oip1IJghsIlo_26a-_IWXuIWgL-AztYY-kQ3eTWFfJOH8P8bVveTCD737q0nlPw1AHfw9ueBTHoSqXSbJrE4VourRMJhxQk6vZN_fKF0uBVLiwlvUMNj3Vm_mZxxMRiRvdRIT6ki1e3jQc2Vk7eFBQMBIr7ORcBAhWIW6Q_GlzTI4lScI7kpSGm8yHuqlQQNHd90LWNTgxL8MAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQm6sB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjk4ODMwNDkxOTMwMDMxORgA&sigh=ktTm0aFMVZ8&uach_m=[UACH]&cid=CAQSGwDUE5ymkP_j2a2RD8wZJ9moLle8PpYQspoa7BgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=100&slotname=8016901612&adk=1569719338&adf=759782219&pi=t.ma~as.8016901612&w=320&lmt=1677988095&format=320x100&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094892&bpp=15&bdt=4399&idt=139&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=5094268564545&frm=20&pv=2&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2rgK3V6CJo&p=https%3A//nganhangs.com&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 03:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
DATA 200
OK truncated
/ Frame 15F3 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 15F3
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
9 KB

21ms
20ms

Image
image/png

2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:24:25 GMT
x-content-type-options: nosniff
age: 195830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 21:24:25 GMT

Redirect headers

date: Sat, 04 Mar 2023 18:48:41 GMT
x-content-type-options: nosniff
server: cafe
age: 32374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:48:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AFDE 2 KB
1 KB 42ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAQQ_wABRYAH_Ya8AA_bdNfi3bpkN9HiPzI0ug&u=%7C8tRUJWsFTb2zaAolTsGeLv3k0N1mEkEYWjdLCNiDZY4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6xYuY_TMaYyggnppaH2YtyB3R8O-JNyzY1ZrvcXQmPHKnPS2BlqKCe1EQ3_BD8b9MregYl-jWyGpMZzz7z2XjyKtIYdlEy4dhaKSj9-rGNoiDUPFw-WH9363n3xSIzDKbLc-JTnokNNk4PZ-OG7_9virDThscnNSPPXwxliiaSXtAaM684lSjzvgo7nrzUjecVG1T2Hvvmvf2AC-nnVbK7F7ySQpJRknlgVxVpcw41pzbRdz_zzfQ5ewvT4H4dIm0XjpK-DT7NyDd2JO1TXgTFPDIZsRK2vFKfmbS3E0Kscf9WT30igkyHRYuTsxo8-K1T3YX6onk2dYc19kKy-ozSJeqTsZyZWT_YZeKXNwcjT6VmotfJ-Rtob99wanvLhKIXM0upZR_JcHaXrOdqxuY1hvBE5SSVQL7zh940fgAXsA-R0LGDQQmmtX__duIgz7J8T1BRV_NobEe1Q9RaBXbowYKlL4FrzZxcUDjrA8FyKLtRq9DGmT28TcXqeOwb7HP5dNQCRfSBV_5d-_F2TllsugzUKn7ImmHjAicpvzO2Nb45NT36BEe5U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQeCa_xAEZICLBbyN9u8P9La_oArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTI5ODgzMDQ5MTkzMDAzMTnIAQmpAnWupgio17E-qAMBqgTAAU_Qv28GybDiPTZw5JFG_7ZKHVLoPkLxbRfrwzcfh9zJFhTkwd44ETO7_Fvp9knoiSCaqnBdwcI7Z9tShr2gFG2Id2_ODJVkRxPRmIpA757xGe5M7u6g22TsC4mgmPYoX0tLV28wQemxWu-oVQ2h3_nUMmJ3kKgBcBP6E5LwqL8GrGGlrvORj8EsJ-UiHXGbRZFQ0md-oIiEnMt6iIzB9X1AFnOgqtHmWUSCaGevUhxqsVLwBh3pprC3K0EGVOhfpIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2d3ti8cIqy22TDNKa66CPXFBBz3w%26client%3Dca-pub-2988304919300319%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AFDE 2 KB
1 KB 42ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AFDE 308 B
636 B 42ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame AFDE 293 B
621 B 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame AFDE 43 B
348 B 91ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=rqgcPb_jr2DiokA7CNSPaws6vgNld4Hg_-qO9Lajts3Ap6CiRhlR044N1TrrKKK-34S4e3bq1O1EijF6o5RZ0KzRqAYQSvlYLnUh5vJl1fJ0G1oJE43W9KY9xFppETLVP2f9RKvkv9shrcGo78n8hXDsQ1htTfjhR762I6yn_wAorWRPJtVLJJnUIdCMZuW5eY_ys8YudOXtMKiyyeKrQ2duqJ9lKzNBrZ7YhRAWJsz3XA6al27f7_eWezJuJ2uX6VymTpnkkIJhOC3Hh07P4rvYC7IyZadbR4NK6cQtwhqasY6Sdvmsn_DaUwuCEqDbLPQJjWC01ju26pAfnZ03kdBjnUFejMxC_K7xTU8RlwI4h0mJxnhn5DtytlWvwQXa280lJU5zZXvWdqzsox6qOBBj9MAfmyrWIN711IlOom9UltaQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1817270
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AFDE 12 KB
5 KB 35ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1402207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NTerOt8ztuXxy1QTxEBMxWKfI2Vhw%2FG%2Bq3lIiaCyjF6rW2bhMQjWIyYeD%2F5m%2FH65I3PTGGuqeUPuRLXC1t2TtlV8%2BlTcfXI%2BjSOl5Mz7GW9%2FBPOdgRCLOZLC9%2F2uOnwgUMsmVw1bp4RLbmE1BEk4yT5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a2f61dccc95380d-FRA
expires: Fri, 23 Feb 2024 03:48:15 GMT

GET
DATA 200
OK truncated
/ Frame C513 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bf83c1ea634ce4343935bd62eeadd798915fdea690779d49e51785301402477

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame AFDE 46 KB
46 KB 54ms
24ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame AFDE 38 KB
38 KB 58ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AFDE 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 5a6fe197417d4ce9bdb647707e05df6d_cpn_300x250_1.jpg
static.criteo.net/design/dt/3018/230224/ Frame AFDE 19 KB
20 KB 19ms
17ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/230224/5a6fe197417d4ce9bdb647707e05df6d_cpn_300x250_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5fae872d3779e0ea3ef74dcfac2369da2c449b65cf7f8a4be8a99e61bc67bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 11:51:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63f8a4c0-4d06"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19718
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AFDE 6 KB
7 KB 76ms
33ms Image
image/png 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F220816%2F12fb120e95e748649ddf448647896ee5_logo_colorset_3_square.png&v=3&w=596&s=hu703w649tXrGcNQG5N5gka_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

534fc06c45c7d01a29fa7853ca5aa95056e4202703b843b27c0db36210c63a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29570864
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6635
expires: Sat, 10 Feb 2024 09:56:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AFDE 66 KB
66 KB 72ms
30ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230220%2F2a917a34c2cd49518054a98843ac6a6b_img_vertical_1.jpg&v=3&w=1200&s=NE-o0HZ-3jSRh62fLaQqI8Au

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f852a640d9413c89c9791db8cdd4b3f95c5495d15f15bb6c59f376d096ae8d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30104606
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 67622
expires: Fri, 16 Feb 2024 14:11:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AFDE 12 KB
13 KB 83ms
41ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1604937415%2F20266476-vrKTKEAg.jpg&v=3&w=400&s=AvtAcEtL_hyLQT9qUp7qRCSo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6eec6895639ac2f47ed6a7b248d7e6c1bc1df60b485d8e52c5fef6c77687721f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=210814
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12630
expires: Tue, 07 Mar 2023 14:21:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AFDE 16 KB
16 KB 66ms
24ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1572257596%2F19305493-37ZPPG7n.jpg&v=3&w=400&s=BjyPLb_T-MFxq0aSBo5BhvmZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280292
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Wed, 08 Mar 2023 09:39:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AFDE 8 KB
8 KB 71ms
29ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1635342891%2F21272115-WfLqe6lm.jpg&v=3&w=400&s=uZhz8CpGn4TJo4GLUq1oQzZA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280361
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Wed, 08 Mar 2023 09:40:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AFDE 0
128 B 47ms
15ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=kofmSMN3C-aA7CVIGKjIaSfL6msLazrIR7lChv3gmz2VDqB3r0-XLoRXd6fSTsRoV9Ztu_WyMI8RW9KAlTKXYSNRSlLPuztRTO1znGnelUwXZJlsfy__P81An7eyZZRSTAlnxAtIJucxWyejkmMNTpCfS5J_nXTjyv_dZE00ET5p0o6d2sDbI1rsw5ZtHRPxWNpjEzYEafodQR4gbNtML3vKn5jsWwXeBlFFhyf__G2uEo6DyW0VRaB7-FQ&sds=2&rev=84953.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AFDE 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AFDE 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Feb 2024 03:48:15 GMT

GET
DATA 200
OK truncated
/ Frame 15F3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e10fab83f715fa5685e424ee6e3077c97ed60b4d6c8f478b0ecd81cd3e03212f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 15F3 16 KB
16 KB 83ms
20ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 298245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 150 KB
51 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/reactive_library_fy2021.js?bust=31072742

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee5af1417e7680b3e586cc42b82044fabb835357817527a8cd665db4d1116077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52365
x-xss-protection: 0
server: cafe
etag: 4256113730055225994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 44ms
43ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nganhangs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nganhangs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87CB 32 KB
12 KB 146ms
146ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

142d4c82b3124e9fe52bab08f9deb2257c7b4df2fac7b8d7586fedbe337f9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12694
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 92FC 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Sat, 18 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame DAB7 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Sat, 18 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 151E 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Sat, 18 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame DADB 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 19:41:19 GMT
etag: 2378337311435320485
expires: Sat, 18 Mar 2023 19:41:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame 89D0 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 92FC 4 KB
709 B 46ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 02:14:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 92FC 205 B
518 B 22ms
20ms Image
image/png 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:27:56 GMT
x-content-type-options: nosniff
age: 1219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Mar 2024 03:27:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 92FC 604 B
695 B 23ms
20ms Image
image/png 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 23:52:06 GMT
x-content-type-options: nosniff
age: 14169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 03 Mar 2024 23:52:06 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame 92FC 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 19:00:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DAB7 4 KB
694 B 42ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 02:23:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DAB7 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame DAB7 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DAB7 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DAB7 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAB7 158 KB
48 KB 87ms
86ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame DAB7 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 151E 4 KB
694 B 44ms
44ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 02:29:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 151E 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 151E 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 151E 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 151E 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 151E 158 KB
48 KB 180ms
178ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 151E 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DADB 3 KB
674 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 03:27:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DADB 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame DADB 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DADB 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame DADB 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DADB 158 KB
49 KB 160ms
157ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame DADB 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:23:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 187F 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYsF7_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEvQFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZCOfiSeHz9O25b8jT3XZ0rqcCccHeRXf_xC-HCDszIxjzTnI2exqABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5ODgzMDQ5MTkzMDAzMTkYAA&sigh=nyDMdW9kzM4&uach_m=[UACH]&cid=CAQSOwDUE5ymDjH2X1QTcFq8r3EEY0E0W_vNKQ7LQCz4c74m1IKsZq9qvjc7yHzaqt79CN3zKgUh3YoWwQNQGAE

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 03:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 187F 0
0 61ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j22ze1jzfq9935q8xz385mkyg0dcyah4cxmc7941h5g4123d6h2xe9bexvrmd4xgkag5gm825xh7k8j01pcypmfg134cj4nfqqpx7w5zxv70c0xpx56bepp9tsr3vrabp0deftjm11gfj47b83ym3v6ph6x6wp6vbybdp2vj98zsabf72yc2ahjgqn2xenxd467kvcr7cpbfqy9s0fpfv7ydm54049x0r8wwkqbegm28nn4fjttny6efm8mjy91pzzcjd2h1rk6pzmtd6pevn06nbwm7xmxwh4p02x5pjw7n2vd8d0mqrjx3t4f3d9chandas8j8esh94g8nprbrjgfwxdatt2vscc2jnwhxn39g59ennyka4p4nr1gsa8ssnyzppqj05yj120&b=ZAQQ_wALypQIu-zlAARXb5Tnx4HylICILZXX1g
Requested by: Host: nganhangs.com
URL: https://nganhangs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 03:48:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 215F 2 KB
3 KB 61ms
28ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8ddbbbc930d6e4d1ee1d7230dedc6762fca28f5a3f869d3e3e43c95cd370c8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a2f61e01a602c77-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:16 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 187F 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 854A 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 14:11:58 GMT
etag: 48472445140208031
expires: Sun, 05 Mar 2023 14:11:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 187F 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 187F 0
0 37ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_uVWG8WyOV03IAFuT1stYdpwFoxn1XfQ0quRMJwJd2fz5vAUAsWOfLu6dlgS4HvtAPY-FwoqpPxfrpLZZ5CBymqeSZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 187F 158 KB
48 KB 111ms
110ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E6B0 8 KB
895 B 46ms
45ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 02:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E6B0 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame E6B0 22 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E6B0 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 13:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 13:37:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E6B0 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 18:30:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6B0 158 KB
48 KB 107ms
107ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame E6B0 34 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:23:14 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 215F 94 KB
12 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 321285
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FDZtgbWiD5Nx08nfXUTjPFJkBBfr0N4EvRHH2pMu4eRrVGKNuzUCNwqN%2F3hPknWTYN0OgWbOE%2FinWFAbO1cdMvEDB0Da%2Fu27FgGyeXP9J2opMH3lT2zH24Dq0m77SB9MVnOJ%2BAHdCQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a2f61e09aa92c77-FRA
expires: Sun, 05 Mar 2023 04:48:16 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 215F 35 KB
12 KB 44ms
17ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 368692
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOm%2Fg5gyzkIyVg3Aklk1m8FfLD8r3cWgxOcjZ%2F8C0DxvzHqs8rwJLk5NkV%2BpGsF9H5ff52RbGu1Oxtem%2FU1VztXo4F%2BF3cIJJyHgBjfXXK4eLbGgPtSH5qpuX9RqiwJwC9w2tsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a2f61e0cac62c77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Feb 2023 22:45:45 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T3hDT3dEMzExUHlGbTg1&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsma...

170 B
232 B

46ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T3hDT3dEMzExUHlGbTg1&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsmaZlKrTIt-btfuW5gwG6ewk_SwTe4s0mkBzVWZrXQu-aPWILCJq7vZnYA

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 03:48:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T3hDT3dEMzExUHlGbTg1&google_gid=CAESEBv0SwPbzgHHtwFbpR1hNj4&google_cver=1&google_push=Aa02lx-GorPMK0vbE-4NuBJIQDZjWoiCEq7O-3I-acKAsmaZlKrTIt-btfuW5gwG6ewk_SwTe4s0mkBzVWZrXQu-aPWILCJq7vZnYA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELyVcanEjTAplsqKL9ZH7as&google_cver=1&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY0IlQ7Basr4k9pk-wcRi4&google_hm=U5MRTihSRx-4GODV-...

170 B
232 B

90ms
89ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY0IlQ7Basr4k9pk-wcRi4&google_hm=U5MRTihSRx-4GODV-HYV_WU

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-XKUXbrHe7PYXKSlCv1GF_bLxy0UqTRpXZ0aGC3VRYFL8jj1sc8-ulWS22Mqb2yW3hIFZrBXcnqdY0IlQ7Basr4k9pk-wcRi4&google_hm=U5MRTihSRx-4GODV-HYV_WU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 854A 0
172 B 77ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKvRL4ao8DiiK123ssmQWLk&google_cver=1&google_push=Aa02lx_VG1O9S95dy6585O4V8vqQxO4ll5zbP_fvCndtQnwPTzNja9pTRFHKKeroYc7rH85auFFsE7QLCdSuXpJyjJdt3B4cxiBtZtk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=600&adk=1851356459&adf=1325123703&pi=t.aa~a.245862488~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1677988095&rafmt=1&to=qs&pwprc=3223746819&format=300x600&url=https%3A%2F%2Fnganhangs.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988095737&bpp=2&bdt=5244&idt=2&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b7aa64c0a927f26-22670e8b3cdd00b3%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg&gpic=UID%3D00000bbf2fdb325e%3AT%3D1677988095%3ART%3D1677988095%3AS%3DALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ&prev_fmts=320x100%2C300x250%2C0x0&nras=2&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&psts=AD37Y7ut4TP65SENFPhBEWFS9v2KAJIl5DQwzZRfU8LGKizpjf6_M_wfVCyhq-Wpnaeq_HnrpzOHpb-0Yku90w%2CAD37Y7uRIT8UQY16wiODOTDyFKGV1xK3CUOSr4tK_BdJcbfztWv_3FFCDNy-ijUzHVl8xDP8v6d1LJ9YKXiGx7c&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=KMf77QV9pv&p=https%3A//nganhangs.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPiReVNvRHNzvXNa9Gdt6VM&google_cver=1&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPiReVNvRHNzvXNa9Gdt6VM&google_cver=1&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxMTM1NTY3NDU4OTA4NTA5Nw&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhG...

170 B
232 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxMTM1NTY3NDU4OTA4NTA5Nw&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbOE3BCf9p6H2NLcKLuCR2x8Ro

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxMTM1NTY3NDU4OTA4NTA5Nw&google_push=Aa02lx-zXwn77BiH5U681u1H6qFOyFjJR-MDEahJ5M3UtzU6dYZ-Q_5bF45X4kMejj1Kd5HQVJGmhGbOE3BCf9p6H2NLcKLuCR2x8Ro
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_hm=ZAQRAJQEDPGXDfPBJ6ahpQAACJQAAAAB&google_nid=index&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGn...

170 B
232 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_hm=ZAQRAJQEDPGXDfPBJ6ahpQAACJQAAAAB&google_nid=index&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGnXdXy_Tsht6SyUagJeGQwQc_XbeRlpzM-tUPe1b_Y2IL3XrO30qoF_IfxAnK1pdtog0

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 03:48:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIIIybJITQziyoAXzggZQHc&google_hm=ZAQRAJQEDPGXDfPBJ6ahpQAACJQAAAAB&google_nid=index&google_push=Aa02lx8BH4juzdQHvfJHcYx0FkCEHOoG2onGnXdXy_Tsht6SyUagJeGQwQc_XbeRlpzM-tUPe1b_Y2IL3XrO30qoF_IfxAnK1pdtog0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEo24tonEsbZT7f0a0lQSUs&google_cver=1&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQE...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQEZ65ZDPsK1qNY9w

170 B
329 B

44ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQEZ65ZDPsK1qNY9w

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 03:48:16 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_Le3DCvGMQgtUeX7iYfaky-lksFvvLKqSCOPW5PVPGQx_NSxyr06cTNkTo8xvzxSLDYQYFTgKkKzTmqPQEZ65ZDPsK1qNY9w
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: n62YA3-MSfKngJnacBtZgLMJkFSEE6bw1fE4p5czXVTVy5627i3DlQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 854A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEYYaE21f8gT1Ho77AQFOyE&google_cver=1&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFr...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEYYaE21f8gT1Ho77AQFOyE&google_cver=1&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupH...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TYOVlzxsTpyOM_ofYMHBmw&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8Tzcup...

170 B
232 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TYOVlzxsTpyOM_ofYMHBmw&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFrVgSRr5ccI

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TYOVlzxsTpyOM_ofYMHBmw&google_push=Aa02lx_qYIBlEWeO5NuvqEgCTruLau61cD0qmckvuXQqzbQbWIX7mgU8b0YuBL52J79NVFV15HW6Ru0TF8TzcupHcbsaFrVgSRr5ccI
access-control-allow-origin: *
date: Sun, 05 Mar 2023 03:48:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 854A 0
139 B 128ms
41ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0u2WSMhC3HLp1YoSi8-GC3sg8g528TXvKiWEvrfqKBaJeVwCedIUz41tpjVd7uWMi-_Za

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 187F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e250995105aa2fcd6eda902bd6160bad1da1e763905a6661f1ae2a840467573

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8172 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DAB7 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame DAB7
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

20ms
20ms

Image
image/png

2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:24:25 GMT
x-content-type-options: nosniff
age: 195831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 21:24:25 GMT

Redirect headers

date: Sat, 04 Mar 2023 18:48:41 GMT
x-content-type-options: nosniff
server: cafe
age: 32375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:48:41 GMT

GET
DATA 200
OK truncated
/ Frame DAB7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36e67c69a3ad905a064ab8db31d09d9d2fdfa99f42d932de7e028b2178159552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A0C 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 151E 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 151E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

21ms
21ms

Image
image/png

2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:24:25 GMT
x-content-type-options: nosniff
age: 195831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 21:24:25 GMT

Redirect headers

date: Sat, 04 Mar 2023 18:48:41 GMT
x-content-type-options: nosniff
server: cafe
age: 32375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:48:41 GMT

GET
DATA 200
OK truncated
/ Frame 151E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 621cd4b2b1d8a875fcb17988e15e2a6de0b0a528f3b2641b1d66ca4f52756207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DAB7 0
18 B 53ms
52ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C54kR_xAEZL6NCt-H9u8Pof2dmAHvg8Shbr_Ir6y_DszHmqb9CBABIITe2x9gleKQgqAHoAGwuqHXA8gBCakCda6mCKjXsT6oAwHIA8sEqgTDAU_Q5RVOvtHId4R7ZNXPseaFJ_hvXEYJibGrguEkBiX0Sw1sj7cA9qM7KPfsG1smgpIaNrc2RUYf3tMR494XLIMVdjJA1_zs1nNxQHLnNAMSHJUaEHqhJupk9Xw02MEZgVyONaGB6snhNkzXTCrJenv4QmjeKW_8t4c2_8HZZ7KWzmkBXVu80LM9Yg7hFbhd_rZ4rBqgWnHTpVR-g7wwfgpy-H5ag9GzQckKuAkWGARpEEn1sSjCKM2P9I8ILwJpViNEJ8AEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ-8MC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjk4ODMwNDkxOTMwMDMxORgA&sigh=FA1S0NFihnA&uach_m=[UACH]&cid=CAQSGwDUE5ymQxL6hAUQPO0qXJKom_tkaeROFABdYxgB&template_id=494&vis=1

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 03:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 215F 3 KB
4 KB 63ms
18ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3351
x-guploader-uploadid: ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT7e0E9O4daSrXTCNLiMt5xAjjwwA9BNq7BBhW%2FBuOKQtjaiCIKPEq04LTrQznnEBQS3U6ccxt8EkESis%2BmNy5iy58GaroxghfDoHbFAH9LVyqp7f8xCGCHCY25impy3eil%2FD3rRACyzQ3NKlTRHfIBY"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7a2f61e24bd8365b-FRA
expires: Sun, 05 Mar 2023 03:41:24 GMT

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C65 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame B8D7 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 151E 0
18 B 54ms
54ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3MmW_xAEZL-NCt-H9u8Pof2dmAHvg8Shbr_Ir6y_DszHmqb9CBABIITe2x9gleKQgqAHoAGwuqHXA8gBCakCda6mCKjXsT6oAwHIA8sEqgTDAU_QETAtnA3h7iuISv9vRxdwBQeaHc3TSoYaHcJTDqEZMB-dDcv77W-zeWgxLzGrA1dtvCFN0BlgN1qR_fYNCNao4TmIiJdeI0qTKPZVeBOderdndhYzYiBG8yT5mJL1jvydPQfObnVpCPSpC5tBE7kh6oDnp_s_nEbLg762RD8h7SOwQTCUni_KTt9h55ksGkvYgQcxXk0rCblnIXaz_yXvBJGMm6rgrwkSo6oM_efKluO8xAbcaTdMr8zUBU2s38F-D8AEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ3f8B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjk4ODMwNDkxOTMwMDMxORgA&sigh=YHHcH9XKKtg&uach_m=[UACH]&cid=CAQSGwDUE5ymQxL6hAUQPO0qXJKom_tkaeROFABdYxgB&template_id=494&vis=1

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 03:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame A88D 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 459778
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a2f61e2280bbc03-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 03:48:16 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIC5snDDnSNuoe5dPz1rBf9kxxILuYATk9DvtGtRo%2BAa7ayYwOkQrB%2FTPk1PLjIwdUHwgT8oQLFCiS2GZXCU9AdyInl7b5lXt6FKEJ6tkgUJ4oI2H7c2ZjuuNLXmor80ZQCy5bI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8172
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:16 GMT
expires: Sun, 05 Mar 2023 03:48:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame 94A2 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: nganhangs.com
URL: https://nganhangs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 95ms
53ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27b77f45383ebe5002aac08aace232589d1144e5c7508b822b08b969fa2cee3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11200
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 215F 1 KB
2 KB 29ms
28ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430ad7d87dec1ab5c1234db1c8cc1d2f8530510f4000d1d3195a11be3b4bcfa4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svvB1jxWNp25IyLZI0xmHVb9%2FTsHCJ9BFv2lVHxQKuXiWbNWePs7Yp56%2F%2FR9cCogJpnRXgGUZoYU8ePZ1hNrlLHOX278hBClf16TbpwPBYXEMTSrhQCwAeSmchJKYrWx%2BGgZdVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7a2f61e3e9f435e4-FRA
x-backend-server: aa-reachservice-group-europe-west1-q70l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
28ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a2f61e3c9da35e4-FRA
content-length: 24
content-type: text/plain
date: Sun, 05 Mar 2023 03:48:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVawuVkC3idARmreIP6ob7Z6mOT9SE%2FOUTC%2FR89SvGlv3y6jrkn8oKLDafONBgKQsOsrN7P4f4poYBFE445iSE6iDITXgXkDCarTApqSQwTw21qEYTW%2BxXx%2FuQJE6ieSyDAisps%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q70l

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 03:48:16 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F63A 9 KB
4 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc18c269c69ac933db21112773ef567956f0cf5f50bdcbdb59b65830cc896707

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hbxyafw700ngr0wvtecb2vv9djjgfe2qs8zckg7rns4rj2yc1ss27j8w8gwkdtq4ytx2ykbh1358e0ww27r3b7ep3yysxcwv5z2gn8td0gs7ezw1q412rh5qdav3f1qxhm0p1c5ydp1704g9qpef7bzfqmwm6xb1tqg73gyvdyxx22m29eh2mtpg08z28afkjm03nwmy5dh388f6s8nk3vze3wh5j0c65pbsg5b0qq41k2psk87hagfwd7zmsprnnchvk9fgwjnz4v34rqxft0hw3tz6dpd8aydegzytq354jfr3btvknpkgenm8xbe759ypk79v96ts6p7p4jebeegckw8a5bkye4v5fgvnxy0gc08sjvr9k9ac3vbvt4gp62q40x0rthdmaws3me92gf88tss9t7f0ndtnrq0jxg41y0mpy6s798vm81972f3gkyj7h38cw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%26client%3Dca-pub-2988304919300319%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a2f61e4292dbc03-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:16 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E330 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 137446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 13:37:30 GMT
expires: Sat, 02 Mar 2024 13:37:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4708 783 B
537 B 18ms
16ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de3f338ac6b22ad70aa18d991d6f66cab193bbba456d7221a4052ba130c7ba40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zgvkx7f0QDkHZ56nnG7VVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nganhangs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-Zgvkx7f0QDkHZ56nnG7VVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 03:48:16 GMT
expires: Sun, 05 Mar 2023 03:48:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame F63A 94 KB
12 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 321285
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmU6fUvwWxXwsIIFXwnDELI06PpBsn%2BSw%2FabUqyfuYkPXlflWxwdknIPYfnQ2s7E2tASgYlA803k3igzBUIGwXbAsEsskkDmRNkMzFpmACR4SVwf6PMtAyxTyHXQFeiwIWrF4mrsXu8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a2f61e46959bc03-FRA
expires: Sun, 05 Mar 2023 04:48:16 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame F63A 2 KB
3 KB 54ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2266424
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf8Pqdibbx%2FpO0Z7ygd%2BwnBA9WqUJueRjdDrtYyLzPGiEyI3z%2BscfixzidyKTh1K9xxpM0bqXeDTkwMEaBMh8CgGbTD8LXqWoBLOSWdoQi4Oj2WMxKsE0bfeKSLO5bJlRFrnbCZf%2BLvyIA5o"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cfc2c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame F63A 339 KB
340 KB 38ms
16ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2507253
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkWPO3cB0Gd2B6hkS5pR4%2Fe4DAtoKS4iUu7hMx8f4VESG5FSs7PxCAb%2BVIQvPHiDe%2Fw%2FgjhMAH6o5LP%2BDD6UTZEdP%2BNobP9ob8Ig7UrgNXPrn9cEw6SXCnGL1kyvB5u%2BUYRvlX3RfbJBHojj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cf82c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F63A 43 B
703 B 389ms
294ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 03:48:16 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F63A 53 KB
54 KB 46ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384841
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prqouUILcDhe%2B2oKA6DIbjwsuUxHD31DryjOmnfMYZBhfSFZ4OhVayVnhhjnAicdAkoFg6G9FOkCd%2FjyaAsi%2BvwdQjbNr%2BFoWlzVUkFdQYI8P3tSN2V1ongGWvtm9jrh%2FWD6muuwrlvTX4AK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cf92c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H2 200 BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame F63A 24 KB
25 KB 49ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2507257
cf-polished: qual=85, origFmt=jpeg, origSize=151606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24794
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 11:55:08 GMT
server: cloudflare
etag: "d71e74a6f11e793171f7c83885ae5c26"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If5EvEvm4MjhGknkwRFZ9%2FOb9xvxAydUapPOhMCg5x2nv0kV7JmWpuz%2FojKiqdz5QvvwLGwteTsdT9fIXH2DwgTsCPX7J7xJT469xWZPlrtgGYx4PdzBF2BEXBHbZRVRKmBCVhDeE28621R8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cfb2c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame F63A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLH4y-Pww_0CFQqB_QcdoFkFZg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suit...

49 B
1 KB

111ms
25ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 03:48:17 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Sun, 05 Mar 2023 03:48:17 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame F63A 44 KB
44 KB 48ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1342930
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEi6kilJHK6wv4tAnsm5%2FLJkHN4Lk1Z34446A%2Blw54ZB%2BxghFEDndQ%2BYIQdr%2Boep2TUwdr7wUJlO6xt3zOa2py8xMTh7%2BsqK9Pji5WwFREDMvnZoU%2F%2B91F7tkE723N%2Fx6RzIz5J6TUp0fW9I"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cfe2c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame F63A 298 KB
299 KB 48ms
28ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C59040%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CzGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=160&d=600&e=&g=363ba1db99e191a2b4e9674b269f0cf1%2F15175888619196785939&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677988096645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gg0vm2e7ypxr44aw2cs6dnyn6rnd9hqr0nqzw67yjkp93m3w67sjqe8s19fgm5szrp1e22jpsznyxwt37ep4e96cwdm22hq93ks4xydsqt6a4t0625pj17xzszychgbew84yznqeq5b1wv8g40dk1zv78w9dbvmg6xbh62abnva6tkn14qzr6ke70c5wggrndwan1q5nffdazkrwtmf57qkk7d2v11dk8d8fshh43z3h4h9eq6c67fmrask03awehn7ww39wf3yay7ybxnh3v16%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMsJM_xAEZJSVL-XZ7_UP766RkA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTg4MzA0OTE5MzAwMzE5yAEJqQJ1rqYIqNexPqgDAaoEwAFP0Nq5y7Duciq2rCTwSmnFpDuvJWaB1mifnHFDdFuUVvDwC_O0Wk__JGaEYwMHlCkekizzQwaeBIyRDhIJ2f-Nf4St5qbpzRem5Tfah3cEVm6cdeK6hZW3kn7AoxQ4q-MuCrsICN8h2c-Raqx6-P9des0UEneTlxaRmb83qxDmMeTeFX_pnHUr3_EtdA9dIcCuWTzcxIjZSuXD2zYKc61x6IBFBz_mXJ4We2zUa28iRO3OmsOnPTTrm66pO9LNBCGABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XHjoC4AZSmcpp-QMFaMv1HpShMA%2526client%253Dca-pub-2988304919300319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 382592
cf-polished: origSize=342797, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 305593
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmutR1jCIxB8VMObidYxMfSteJZWdS8o5nW5vHpZtvPfzNnzJDMqfOR0VXbdjAF%2B%2Fpbx0dkmxHmYEKHtXA8oNDpwTMdGwjcNlrcDrKHR28oZJmb019NizdkEzQeHZ4hHd3Gt8vRkhdarrG5l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a2f61e49cff2c77-FRA
expires: Mon, 06 Mar 2023 03:48:16 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame F63A
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1677988096_9002f9c0-bb08-11ed-9881-2239064e14e3&insert=AW&&gdpr=0&gdpr_consent=

0
473 B

61ms
16ms

Image
text/plain

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1677988096_9002f9c0-bb08-11ed-9881-2239064e14e3&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7a2f61e5eaf29a0b-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sun, 05 Mar 2023 03:48:16 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1677988096_9002f9c0-bb08-11ed-9881-2239064e14e3&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4708 0
0 52ms
52ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=2360748523934508&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame E330 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15F3 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB_LG3t7mLuEY-AFeSQbCGQP0wEjUC5RBGkPDILueIEm4ZmAi03uBYZFL41Qi3_0lA9AilsXj04SgiL_SmiKFvuIflxquNlTLYflJvrZkAM9qHXck5Cucw7LmA2-YsaBGEc8y_zA&sai=AMfl-YS2jKT2uueDohIhCd0AjCIFAOJB8j3h1I7fGT4J_S6iYwnxWzlUFguYFBkhvGTrwDWPdFMulxUoUilb&sig=Cg0ArKJSzL-EXOHBygQgEAE&cid=CAQSGwDUE5ymkP_j2a2RD8wZJ9moLle8PpYQspoa7BgB&id=lidar2&mcvt=1001&p=0,0,100,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1569719338&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677988095052&rpt=786&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E330 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7CBtUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 03:48:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAB7 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWQpQHlIAvCm6H5J6GYXaObE-Hi-pde1oeSMxcRwWEt07imqVhQF70HAEwOvvFgEdNooUpN3-WlzKmnZ5HziCa71pIUgtcIvsMX7SkexNtmzyQV4mSzo3_7shh9BtmuAlHXc3d3g&sai=AMfl-YSail_dsA6eYZmdVEFiEvDZVXRt5WiMUUxeYkUe1s826LFCYKMcFbSc9GfrFCvC2EDwLIUnG8CPKCQp&sig=Cg0ArKJSzGFcay47qCtTEAE&cid=CAQSGwDUE5ymQxL6hAUQPO0qXJKom_tkaeROFABdYxgB&id=lidar2&mcvt=1001&p=0,0,500,180&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677988095812&rpt=426&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 151E 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWTFwFtF82CsvV_0qBZK6tl_P5FNFLMjGKeX7R1EVgqB6emEhxCBNCSWTN4md1qscj3HJkSMPFOjQvpuEMFKMqW5k43otE5ZcyA2ay5Lk8rw7Rfy1iLUpLHfwhtj8tPzqCPZ8-Wg&sai=AMfl-YT_-zgAgss6jsCQ6XQfUDTDxZSgi0FbQmaZ3FrzlTUr3aEGBmjivled7_Cqi_sGx0KLFOeIWOedcRf_&sig=Cg0ArKJSzFlepdgtwUjsEAE&cid=CAQSGwDUE5ymQxL6hAUQPO0qXJKom_tkaeROFABdYxgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677988095816&rpt=470&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 03:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=2360748523934508&bg=!X1ylXAjNAAbv3-2Ez987ADkAdvg8Wt-D5tcZk64Gr4WvAALlyOjr10xb5LhwxqU8KVMfTZLFmrIyRn8u75KBI33AjSwpczN1_TQCAAAAblIAAAAJaAEHCgAtc7eqdDB_nlSMHB9nfUuoKsw-AjWLJlkDKXDfWDbeO5zfow8Aet7LO0E1_SYgmQKyQ7lrsBWwfztBR7htY0mG1uBjHmO7J6Jn5bjmF3XMvHryQy97_MQU-ggQjnI4EWLSkS518O6alHLIeUHMSJP7-zdhyv2VY5NK77kbsRt5kM8iXNDVjXWqt7XqokZtryS5P-wv_dLALaF7g9b09kNfGzQqyz6-8m2YOzibMV2GVCRSigRyfq_nB7RgKWBO04RfKkc8BbJtSEqCue7Wg1NRekncsBOhy2OHhEsh6uiIK7vP4wTZMueEbRucd_ACCsThI5Xi2k-r8Ad8-FR7X2poFdxiNtjyd0_s3iVlfovCQZpvbMfLMXVAXF46edpoOPW0j9gZl-xa2diiuiWl28-lDngIsfsaC5pDCox608k80Qrq1pCRT1Sx6wLU8pEJP6MHAbASGUHPvRJqxNXtb3zglT07yj7-0flf5vwOux7Pt-YLIkeEAmmShHgTnKhIGjuwS-dgcjMBev4m7sT7KOudS2SrPfNYEMvZWYZSjPlhITXIM-wwIHxDHsz5X4DCcVm2yPRIT8DSUTaWXBbfMIdqUNmoeZfdYERXjTxqV3OkNWOgnJNROFX9cxE-_vx2xM_6zhuZxYql9mXs_VIIzbc-xmrXL9M7kYAqNiLBhvCYDsOA0Wpqo9TyasnBYwv8cUPM9aYSg-SbohMr0orMJk_kdzWSjl_rowvKU-IHaKnBZOUPTcrJHiTTAzCAGtDoyv8kRpkz_uHLSMc1_f0_UluB-4fOf_83swnYPCw9EKMDb-WuG4PM0aQw4vXNOtN-ww9afJJQ4ur0usDc5s6JciF-wQj1iX35IWV7v8bbkf0Byh3Lhn3iddGBGHvPXYKWx5DnKz52wA_LBU2YSFG4P2DFuFAB94eEg6A7Rnj_Or8_HgGqkJs3aGyZ7URddZWdBvsTByV3XlbHASLe9JWL6QIr-0iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nganhangs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame AFDE 0
127 B 17ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 03:48:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nganhangs.com/	1970-01-20 19:28:04	Name: __gads Value: ID=1b7aa64c0a927f26-22670e8b3cdd00b3:T=1677988095:RT=1677988095:S=ALNI_MYV9I-1pnfZUY7kbPSlcIWRc_nezg
.nganhangs.com/	1970-01-20 19:28:04	Name: __gpi Value: UID=00000bbf2fdb325e:T=1677988095:RT=1677988095:S=ALNI_MbqZzGtA5oZSQVS7RVE7vE7Wr64bQ
.nganhangs.com/	1970-01-20 19:42:28	Name: _ga Value: GA1.2.981491925.1677988095
.nganhangs.com/	1970-01-20 10:07:54	Name: _gid Value: GA1.2.78127083.1677988095
.nganhangs.com/	1970-01-20 10:06:28	Name: _gat_gtag_UA_5334604_42 Value: 1
.doubleclick.net/	1970-01-20 19:28:04	Name: IDE Value: AHWqTUlD4tt12rw2PRL2WLW_GtfTrrMcNCAydXJNlZHK9xbpnjQ7_rWdMUXGWDvvFOI
.doubleclick.net/	1970-01-20 10:06:28	Name: test_cookie Value: CheckForPermission
.ctnsnet.com/	1970-01-20 18:52:04	Name: cid_5393114e2852471fb818e0d5f87615fd Value: 1
.ctnsnet.com/	1970-01-20 18:52:04	Name: gid_CAESELyVcanEjTAplsqKL9ZH7as Value: 1
.blismedia.com/	1970-01-20 18:52:08	Name: b Value: 64041100605E6DB673015730BLIS
.w55c.net/	1970-01-20 19:38:08	Name: wfivefivec Value: OxCOwD311PyFm85
.adform.net/	1970-01-20 10:51:06	Name: C Value: 1
.w55c.net/	1970-01-20 10:49:40	Name: matchgoogle Value: 5
.360yield.com/	1970-01-20 12:16:04	Name: tuuid Value: 4d839597-3c6c-4e9c-8e33-fa1f60c1c19b
.360yield.com/	1970-01-20 12:16:04	Name: tuuid_lu Value: 1677988096
.adform.net/	1970-01-20 11:32:52	Name: uid Value: 3211355674589085097
.casalemedia.com/	1970-01-20 18:52:04	Name: CMID Value: ZAQRAJQEDPGXDfPBJ6ahpQAA
.casalemedia.com/	1970-01-20 12:16:04	Name: CMPS Value: 2196
.casalemedia.com/	1970-01-20 12:16:04	Name: CMPRO Value: 2196
.doubleclick.net/	1970-01-20 10:06:31	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 10:10:47	Name: awpv11354 Value: 412871\|1677988096\|9002f9c0-bb08-11ed-9881-2239064e14e3
www.conrad.de/	1970-01-20 10:10:47	Name: HTLP_timestamp Value: 1677988096951
www.conrad.de/	1970-01-20 10:10:47	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 10:06:29	Name: __cf_bm Value: Q3w88luJ20XKd95gA5ib27OblumM9kXIQWGIlouCsIk-1677988096-0-AQLBfMVZzVHd4XiYlDQReynR/cn75st85i6Iv1Cp0c697cY/UzAoWSzc+qAYdPXAXO3JkCO7YjYuDToHX2IQUPg=
.awin1.com/	1970-01-20 10:09:20	Name: awpv20044 Value: 412871\|1677988096\|9000d6e0-bb08-11ed-b520-223763a3e4ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 10:16:32	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3Nzk4ODA5N3ZsZWExZGUyMDIzMDMwNTA0NDgxNzgyMzkyMzY1MDk1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRra0RhNWYzZktEUXdzNEh3SGV0QnRWVldmWlNqVG1tQWE5MVllb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyMV9CRVNUUEVSRk9STUVSMTE3Njc5
.o2online.de/	1970-01-20 10:16:32	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 10:16:32	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023030504481782392365095X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3Nzk4ODA5N3ZsZWExZGUyMDIzMDMwNTA0NDgxNzgyMzkyMzY1MDk1WDExNzY3OVYxMjI2MTMyNzAyT

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2988304919300319&output=html&h=250&slotname=3954313612&adk=3919420565&adf=1363369206&pi=t.ma~as.3954313612&w=300&lmt=1677988095&format=300x250&url=https%3A%2F%2Fnganhangs.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677988094929&bpp=3&bdt=4436&idt=130&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=5094268564545&frm=20&pv=1&ga_vid=981491925.1677988095&ga_sid=1677988095&ga_hid=404723163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759837%2C31071869%2C31072731%2C31072742&oid=2&pvsid=2360748523934508&tmod=1685346969&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GLJXKVGjlK&p=https%3A//nganhangs.com&dtd=133 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271802&client=ca-pub-2988304919300319&fa=2&ifi=9&uci=a!9&btvi=5&xpc=QMUFEZuu9o&p=https%3A//nganhangs.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2988304919300319&fa=3&ifi=7&uci=a!7&btvi=3&xpc=aA23dW3F7G&p=https%3A//nganhangs.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-2988304919300319&fa=4&ifi=8&uci=a!8&btvi=4&xpc=Ihvgxv8GqA&p=https%3A//nganhangs.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.360yield.com
nganhangs.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pm.w55c.net
prod-rtb.ad4mat.net
rtb.nl3.eu.criteo.com
s.ad.smaato.net
s.tainhaccho.vn
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
tr.blismedia.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
104.87.133.65
125.212.226.20
125.212.226.33
142.250.180.198
142.251.208.98
167.233.13.224
178.250.1.6
18.196.104.151
185.80.39.216
2600:1901:0:76b9::
2600:9000:2204:a200:1b:5138:8a40:93a1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6811:190e
2606:4700::6812:7e05
2a00:1450:4001:808::2004
2a00:1450:4001:810::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:400d:803::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:808::2003
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::200a
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::f
2a02:2638::21
34.96.105.8
35.186.193.173
37.157.5.142
52.58.237.138
84.200.5.215
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
08c5ec3de7ac7fd5de23fb89c047439660bc2b6411b1c2da221114cceba25e03
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e250995105aa2fcd6eda902bd6160bad1da1e763905a6661f1ae2a840467573
142d4c82b3124e9fe52bab08f9deb2257c7b4df2fac7b8d7586fedbe337f9626
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
27b77f45383ebe5002aac08aace232589d1144e5c7508b822b08b969fa2cee3c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
300072e571e9790f36bce7d2531f74b6321f5092c4d1d29a81f7cb2d9016fd0a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
354802fb4ef4238d377ebbfe1d97bcb9c230ef94d48225effeb6ff81de5b49b9
36e67c69a3ad905a064ab8db31d09d9d2fdfa99f42d932de7e028b2178159552
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42ebd50a92c1ffd283607771976ef0781cd4b23ded88f9afad64026e12e86f0b
430ad7d87dec1ab5c1234db1c8cc1d2f8530510f4000d1d3195a11be3b4bcfa4
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
534fc06c45c7d01a29fa7853ca5aa95056e4202703b843b27c0db36210c63a3d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9dfdaa3052c92b5c6c3ca648b69bd14c5af640a3c2004837a2b68d1354b025
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fae872d3779e0ea3ef74dcfac2369da2c449b65cf7f8a4be8a99e61bc67bcd9
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621cd4b2b1d8a875fcb17988e15e2a6de0b0a528f3b2641b1d66ca4f52756207
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6eec6895639ac2f47ed6a7b248d7e6c1bc1df60b485d8e52c5fef6c77687721f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7e74f13644c40b8c8b6da102afae4aa68322e69ff870de3fa3313be4f3fd9612
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8bf83c1ea634ce4343935bd62eeadd798915fdea690779d49e51785301402477
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd8ddbbbc930d6e4d1ee1d7230dedc6762fca28f5a3f869d3e3e43c95cd370c8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c670776197e499445774c3a6173553b47feb3c5526b59976436497fee88c2920
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d046aae671e978ca3055c6be4a32c0d3a63a74a37f8d57af615709d28541d43c
d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6
de3f338ac6b22ad70aa18d991d6f66cab193bbba456d7221a4052ba130c7ba40
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e10fab83f715fa5685e424ee6e3077c97ed60b4d6c8f478b0ecd81cd3e03212f
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e5d14ab3fcc3ce05c053ddb58862ba11d6424f75e1d8c508253aa875f95c6a73
e816058647d210f8d34b9750266c4b230a3a840eab115a3840db261846890437
ed773c71e49307a42a45ada232f27a113a6d6ee8c6ab32ab166aaefaa9a56521
ee5af1417e7680b3e586cc42b82044fabb835357817527a8cd665db4d1116077
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f852a640d9413c89c9791db8cdd4b3f95c5495d15f15bb6c59f376d096ae8d2f
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
fc18c269c69ac933db21112773ef567956f0cf5f50bdcbdb59b65830cc896707
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

nganhangs.com Open in urlscan Pro 125.212.226.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

93 %HTTPS

63 %IPv6

29 Domains

41 Subdomains

31 IPs

8 Countries

2432 kBTransfer

5186 kBSize

29 Cookies

79 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nganhangs.com Open in urlscan Pro
125.212.226.33 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

93 %
HTTPS

63 %
IPv6

29
Domains

41
Subdomains

31
IPs

8
Countries

2432 kB
Transfer

5186 kB
Size

29
Cookies

147 HTTP transactions
8 data transactions