vhearts.net Open in urlscan Pro
27.72.72.31  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rhaHAMsngLkqsxE_6FVpIvCxiJD2g58xL&google_gid=CAESEELszrxWf-dxpYhsuh1e3zI&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rhaHAMsngLkqsxE_6FVpIvCxiJD2g58xL&google_gid=CAESEELszrxWf-dxpYhsuh1e3zI&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA2Mzc5NDc2MDc1NA%3D%3D&google_push=AYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rhaHAMsngLkqsxE_6FVpIvCxiJD2g58xL

Request Chain 110

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDvkh8hL7nswmvQcjgOVbuI&google_cver=1&google_push=AYg5qPL7yCzTqyjsqWrnY8MTE1702pajYfkHFxmWUO6McJzxK4I6F4y-fuKE_vrrsRlYpHXNRxzKV5EiU4Pmq9X5CNJNyoJESXtasA HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDvkh8hL7nswmvQcjgOVbuI&google_cver=1&google_push=AYg5qPL7yCzTqyjsqWrnY8MTE1702pajYfkHFxmWUO6McJzxK4I6F4y-fuKE_vrrsRlYpHXNRxzKV5EiU4Pmq9X5CNJNyoJESXtasA&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7yCzTqyjsqWrnY8MTE1702pajYfkHFxmWUO6McJzxK4I6F4y-fuKE_vrrsRlYpHXNRxzKV5EiU4Pmq9X5CNJNyoJESXtasA

Request Chain 111

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb44m-zT92-cAxDcmksYgDVvaOy HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NRTAtOC02OE9C&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb44m-zT92-cAxDcmksYgDVvaOy

Request Chain 112

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1

Request Chain 117

• https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 119

• https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D3381349681%26pi%3Dt.aa~a.315596959~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D2%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%252C612x280%26nras%3D3%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1620%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26xpc%3D7Z0yTmErq7%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D35&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=9065677921951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D3381349681%26pi%3Dt.aa~a.315596959~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D2%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%252C612x280%26nras%3D3%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1620%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26xpc%3D7Z0yTmErq7%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D35&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=9065677921951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 130

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COn7geCImfICFY-WdwodJD8KjQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628138551_8b97d860-f5a7-11eb-bfe3-692d0dec5663

Request Chain 135

• https://d.agkn.com/pixel/2175/?google_gid=CAESEI_692VHwWfd6YodN2eZwE4&google_cver=1&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij&google_hm=Q0FFU0VJXzY5MlZId1dmZDZZb2ROMmVad0U0

Request Chain 136

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPITD7xMH635OnFzGjOBUFRKvIhcjUY7OV-pz4IkdealqIxNL9q0XRbFHoW0QsxtMIwgJkKkkT0CqhUbrSN5-7AVGwPsZf_S&google_gid=CAESEELszrxWf-dxpYhsuh1e3zI&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA0NjY0NDU3MDE5Nw%3D%3D&google_push=AYg5qPITD7xMH635OnFzGjOBUFRKvIhcjUY7OV-pz4IkdealqIxNL9q0XRbFHoW0QsxtMIwgJkKkkT0CqhUbrSN5-7AVGwPsZf_S

Request Chain 137

• https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&google_hm=6bPOm6oJwZosJGlBj2O0vg==

Request Chain 138

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDvkh8hL7nswmvQcjgOVbuI&google_cver=1&google_push=AYg5qPL7sRpodlWxmSEUNWyvg_sUJQMlPfXgXgYJgd7Xjvt96CS1HMycR4ghqFAzz7vwDhqWPf44FJ77ixnBHfdivkHnm8crKH8N HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7sRpodlWxmSEUNWyvg_sUJQMlPfXgXgYJgd7Xjvt96CS1HMycR4ghqFAzz7vwDhqWPf44FJ77ixnBHfdivkHnm8crKH8N

Request Chain 139

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn02jMZJTTFyKHVekZhm2GO2MKw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NTUItMUItQVVMTg==&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn02jMZJTTFyKHVekZhm2GO2MKw

Request Chain 140

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i

Request Chain 142

• https://ti.tradetracker.net/?c=6261&m=1335741&a=289290&r=43430100013615900951407011677027&t=html HTTP 302
• https://static.tradetracker.net/be/material_image/90/dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg

Request Chain 150

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK52zKMLRkvSjfLg9i5He9k&google_cver=1&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9f9pxkuhk9XbcQQnzroRdROH_HTmNJ_6KOpwYllv7A HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9f9pxkuhk9XbcQQnzroRdROH_HTmNJ_6KOpwYllv7A&google_hm=Zgye6Vl_gvVRAtlBQTmyOA

Request Chain 151

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowqKsjxxusjC3HaEUDRLm5m3kB5hI2Q_uRkOY_ymxVmudWZ_n5dECFmbwa0&google_gid=CAESEIOC5zhzmfdZMSp5LgnGD3Y&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVF0c053QUFCT1ZxZkd6Rg&google_push=AYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowqKsjxxusjC3HaEUDRLm5m3kB5hI2Q_uRkOY_ymxVmudWZ_n5dECFmbwa0

Request Chain 153

• https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&google_hm=VXc2SHzkwCYnTi-3HV0kPw==

Request Chain 154

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDvkh8hL7nswmvQcjgOVbuI&google_cver=1&google_push=AYg5qPJnNr5qf8g-F1qG_GDcfdg7UoPpxx31XAgqCjjGlajxa_HhBfJFOupDq-W1P08ZmOj1aY2W3f-qwgF2qpTfT_5GwhtrVw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJnNr5qf8g-F1qG_GDcfdg7UoPpxx31XAgqCjjGlajxa_HhBfJFOupDq-W1P08ZmOj1aY2W3f-qwgF2qpTfT_5GwhtrVw

Request Chain 155

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMSLSQxOlCe1mUC7nSkaBLD3RUo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NVFktMVktNUdURw==&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMSLSQxOlCe1mUC7nSkaBLD3RUo

Request Chain 156

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE

Request Chain 166

• https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=43430100013615900951407011677027&t=html HTTP 302
• https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request vieclamdongnai Show response vhearts.net/	181 KB 39 KB	1014ms 394ms	Document text/html	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 678a21da8609bd43eba482287fe9703d9a16205f49e1c48ee5690842d424efbe Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority vhearts.net :scheme https :path /vieclamdongnai pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT server Apache x-frame-options SAMEORIGIN expires Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT pragma no-cache no-cache cache-control max-age=846000 max-age=0, no-cache, no-store, must-revalidate set-cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; path=/; HttpOnly ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:31 GMT; Max-Age=315360000 ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:31 GMT; Max-Age=315360000 _us=1628224951; expires=Sun, 03-Aug-2031 04:42:31 GMT; Max-Age=315360000 _us=1628224951; expires=Sun, 03-Aug-2031 04:42:31 GMT; Max-Age=315360000 mode=day; expires=Sun, 03-Aug-2031 04:42:31 GMT; Max-Age=315360000; path=/ access=1; expires=Fri, 06-Aug-2021 04:42:31 GMT; Max-Age=86400; path=/ src=1; expires=Fri, 05-Aug-2022 10:31:17 GMT; Max-Age=31556926; path=/ vary Accept-Encoding content-encoding gzip content-length 38594 content-type text/html; charset=UTF-8
GET H2	200	css2 fonts.googleapis.com/	4 KB 729 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ead3f5334b11f153bc63e3339db233df14200bb70895e0cf0a7a008496b3abc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 05 Aug 2021 03:42:38 GMT server ESF date Thu, 05 Aug 2021 04:42:28 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 05 Aug 2021 04:42:28 GMT
GET H2	200	general-style-plugins.css vhearts.net/themes/wondertag/stylesheet/	377 KB 55 KB	886ms 884ms	Stylesheet text/css	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/stylesheet/general-style-plugins.css?version=2.3.5 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 4507293bc979d7f8bb198d54f88a984c3e63973d17d7b4628b686c3a7ba59ac0 Request headers :path /themes/wondertag/stylesheet/general-style-plugins.css?version=2.3.5 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Sun, 18 Oct 2020 13:00:26 GMT server Apache vary Accept-Encoding content-type text/css cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 56070 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	twilio-video.min.js Show response media.twiliocdn.com/sdk/js/video/releases/2.8.0/	644 KB 110 KB	293ms 243ms	Script application/javascript	104.22.59.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.twiliocdn.com/sdk/js/video/releases/2.8.0/twilio-video.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.59.219 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0590d65c62315b635cb3549aa3798da9672b56803d972e4ffd08b5f761ddd8f1 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:28 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Fri, 20 Nov 2020 20:33:15 GMT server cloudflare x-amz-request-id Y8J6MG6AZS3BD057 etag W/"e119056c64c4fd889824c017cbf314fb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-amz-version-id T9LHosAXezBc68qqjitcb3JAb8aCAb2n content-type application/javascript cache-control max-age=315360000 cf-ray 679d5be97e904c2b-AMS x-amz-id-2 I3S7zho2V+pm73suyv9z+0Fyr4FUp/Yrk43ZGfv5vwATf65HH5wDZMsYur8kKGg615k7EkWxhlM= expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style.css vhearts.net/themes/wondertag/stylesheet/	349 KB 67 KB	894ms 893ms	Stylesheet text/css	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/stylesheet/style.css?version=2.3.5 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 4e79c3a200e87b7dcc50b281236e99bbc7b6e9cc8e9c09213794d7f8722ef3b5 Request headers :path /themes/wondertag/stylesheet/style.css?version=2.3.5 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 17:00:02 GMT server Apache vary Accept-Encoding content-type text/css cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	style.header.css vhearts.net/themes/wondertag/stylesheet/	14 KB 3 KB	880ms 878ms	Stylesheet text/css	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/stylesheet/style.header.css?version=2.3.5 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash bbc9fcf28802ed32c4b3cff3fdbc3fcfcccaba259d4ce2b7cb24991b60057964 Request headers :path /themes/wondertag/stylesheet/style.header.css?version=2.3.5 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 17:00:02 GMT server Apache vary Accept-Encoding content-type text/css cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 3088 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	font-awesome.min.css vhearts.net/themes/wondertag/stylesheet/font-awesome-4.7.0/css/	30 KB 7 KB	879ms 877ms	Stylesheet text/css	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/stylesheet/font-awesome-4.7.0/css/font-awesome.min.css Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 4e3db43e0e3bb334dda61e4f492c3652816bd25f0a7c015e9bab01997b3c3e3f Request headers :path /themes/wondertag/stylesheet/font-awesome-4.7.0/css/font-awesome.min.css pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Tue, 22 Aug 2017 16:18:26 GMT server Apache vary Accept-Encoding content-type text/css cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 7052 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	jquery-3.1.1.min.js Show response vhearts.net/themes/wondertag/javascript/	385 KB 110 KB	1178ms 1176ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/jquery-3.1.1.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 50f5ba9edad362ce455cfd1482803e1dbaa117a523e5b63baf7708f22b7070b9 Request headers :path /themes/wondertag/javascript/jquery-3.1.1.min.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 04 Oct 2018 09:30:56 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	jquery.ui.touch-punch.min.js Show response cdn.jsdelivr.net/npm/jquery-ui-touch-punch@0.2.3/	1 KB 988 B	21ms 5ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery-ui-touch-punch@0.2.3/jquery.ui.touch-punch.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1218081 x-jsd-version 0.2.3 x-cache HIT cross-origin-resource-policy cross-origin content-length 597 etag W/"50b-wcNuaSdDYjHrIEdDVrKWZ8TGSKo" x-served-by cache-fra19174-FRA x-jsd-version-type version date Thu, 05 Aug 2021 04:42:28 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap-select.min.css cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/	11 KB 2 KB	12ms 11ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/bootstrap-select.min.css Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 34395 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1895 timing-allow-origin * last-modified Mon, 29 Jun 2020 16:55:10 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5efa1cee-2bb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf%2Bg%2FG5fDHXRxNDYuUdmcL3GI%2Ffz9XrA1MlGrtyeE9o2EWDh7ZcA39crNTwYhm5id0MZZZCnSehDbUnaR3BWX%2FmjNS5W3Zvs2bj4ggT5B5rAhpoNSPtVWLVAkztD6b0FwMz55038mCaEIBKeTZNgdK83"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 679d5be92a124e7f-FRA expires Tue, 26 Jul 2022 04:42:28 GMT
GET H2	200	bootstrap-select.min.js Show response cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/	52 KB 14 KB	13ms 11ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/bootstrap-select.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2545505 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 13973 timing-allow-origin * last-modified Mon, 29 Jun 2020 16:55:10 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5efa1cee-d18c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2hT%2Fr0h6GRlYQFCevd6PBf%2BPVTCEeCInWlcOdkQEkHc95XgmZtotBa9dwjIkNvwFXVnD48U3kf%2BTgN1s2hDXvanDvXDG9cIanoJawMOKVIYywuNd6g3D0gHWilFpWaFIc7fiO%2FawQz0yXs0uKxRkqqp"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 679d5be92a154e7f-FRA expires Tue, 26 Jul 2022 04:42:28 GMT
GET H2	200	artplayer.js Show response vhearts.net/themes/wondertag/player/	118 KB 27 KB	893ms 891ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/player/artplayer.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash c080e425a52cdb4ee97c30b07356cb28932c6789fda07d739e531f23bded3462 Request headers :path /themes/wondertag/player/artplayer.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 16:59:42 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 27802 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	wavesurfer.min.js Show response vhearts.net/themes/wondertag/player/	67 KB 15 KB	1176ms 1175ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/player/wavesurfer.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 4dd7ca26366191c4c87d0da61ec047712e0631ec11e521d7a184a048499d27eb Request headers :path /themes/wondertag/player/wavesurfer.min.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 16:59:42 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 15252 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	wavesurfer.cursor.min.js Show response vhearts.net/themes/wondertag/player/	5 KB 2 KB	881ms 879ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/player/wavesurfer.cursor.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 920cd13901db3df43b834b71583becded744b238626e6a84715177b2ab6f9f43 Request headers :path /themes/wondertag/player/wavesurfer.cursor.min.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 16:59:42 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 1730 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	100 KB 40 KB	38ms 31ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-143895203-1 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f743c5a15c49d8f0b8f97697986a9e98ffb62cd4388e5aff14cc3c4576c05b76 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40793 x-xss-protection 0 last-modified Thu, 05 Aug 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 05 Aug 2021 04:42:30 GMT
GET H2	200	platform.js Show response apis.google.com/js/	54 KB 21 KB	34ms 27ms	Script application/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-xFcp4so63lEwB+dg+hecYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF x-frame-options SAMEORIGIN etag "30d1d2919676634bf2aebe648f84c2ce" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-xFcp4so63lEwB+dg+hecYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Thu, 05 Aug 2021 04:42:30 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 49f055ff6d11d0d9b21db8383127e72107216365e78bd88b5d72c6b19fcfa497 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://vhearts.net Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 yEgxdsixvjmMM/yFQ4g3NQ== cross-origin-resource-policy cross-origin expires Thu, 05 Aug 2021 04:50:05 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1686 x-fb-rlafr 0 x-fb-debug jUKcCcoYza04y8WlYMibQwWeeHwJQ6C+tVil7Gcv/vPQpUUv5Vdrwx6d+jU3InWMRt8CJI5oZpyNrC8VUF1Qog== x-fb-trip-id 686109401 x-fb-content-md5 80e8e0fb416637f14e6c6224dfe81247 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" date Thu, 05 Aug 2021 04:42:28 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "b3651d403dc9e157ba099b5fa38bc8d7" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	socket.io.js Show response vhearts.net/themes/wondertag/javascript/	67 KB 20 KB	1176ms 1175ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/socket.io.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa Request headers :path /themes/wondertag/javascript/socket.io.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Fri, 16 Oct 2020 19:21:18 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 20048 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	jquery.adaptive-backgrounds.js Show response vhearts.net/themes/wondertag/javascript/	4 KB 2 KB	879ms 879ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/jquery.adaptive-backgrounds.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 1b68bc7f2116741a1416a43a9e253d79afbcb25b603ab544c7fdf79c5959b468 Request headers :path /themes/wondertag/javascript/jquery.adaptive-backgrounds.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:32 GMT content-encoding gzip last-modified Thu, 11 Jun 2020 12:02:52 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 1542 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	logo.png vhearts.net/themes/wondertag/img/	27 KB 27 KB	307ms 300ms	Image image/png	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/themes/wondertag/img/logo.png Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 8eaa091b02d5a8c5fdeba0d5d18a0a8311949cc637632895f73022118ce35168 Request headers :path /themes/wondertag/img/logo.png pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:33 GMT last-modified Sun, 27 Jun 2021 11:57:06 GMT server Apache content-type image/png cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 27158 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	icon.png vhearts.net/themes/wondertag/img/	26 KB 26 KB	307ms 300ms	Image image/png	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/themes/wondertag/img/icon.png Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 965dce9df441715b933acdf9e9ff844c22c2edd432414ddb5b9b4b781028bb8d Request headers :path /themes/wondertag/img/icon.png pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:33 GMT last-modified Sun, 27 Jun 2021 11:56:52 GMT server Apache content-type image/png cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 26687 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	dmca_protected_sml_120r.png images.dmca.com/Badges/	3 KB 3 KB	26ms 19ms	Image image/png	151.139.242.29 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/dmca_protected_sml_120r.png?ID=c5395254-857b-4ac2-83da-c089a235ac88 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / ASP.NET Resource Hash dd183a3805766ad783d9e3bd80e73a769089e021349b444bf4973e76b7a5259c Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT last-modified Tue, 04 May 2010 23:19:10 GMT server nginx x-powered-by ASP.NET etag "74708833e0ebca1:0" x-cache HIT content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes link <http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120r.png>; rel="canonical" content-length 3223 expires Sat, 04 Sep 2021 04:41:44 GMT
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/	465 B 633 B	63ms 18ms	Script application/javascript	151.139.242.29 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip last-modified Fri, 21 Jun 2019 20:14:34 GMT server nginx x-powered-by ASP.NET etag "26b181f16d28d51:0" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes link <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical" content-length 280 expires Sat, 04 Sep 2021 04:41:31 GMT
GET H2	200	b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg vhearts.net/upload/photos/2021/08/	32 KB 33 KB	633ms 626ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg?cache=0 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 3a35cb879a429992193c9ed9bf50143cc77716637a4151366c6ace162bb83baf Request headers :path /upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg?cache=0 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:36 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 33131 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg vhearts.net/upload/photos/2021/08/	40 KB 41 KB	635ms 629ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 2ea29378873a596965d8514915b985273a2a435e570b8194f045824c029749d5 Request headers :path /upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:36 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 41335 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar.jpg vhearts.net/upload/photos/2021/08/	7 KB 7 KB	632ms 626ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar.jpg?cache=0 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash e863964cda057b414be339ad213b1117671a514f54033c5875bc069ee48b3671 Request headers :path /upload/photos/2021/08/HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar.jpg?cache=0 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:35 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 6757 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg vhearts.net/upload/photos/2021/08/	40 KB 41 KB	631ms 625ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg?cache=0 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 2ea29378873a596965d8514915b985273a2a435e570b8194f045824c029749d5 Request headers :path /upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover_full.jpg?cache=0 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:36 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 41335 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar_full.jpg vhearts.net/upload/photos/2021/08/	24 KB 24 KB	631ms 625ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar_full.jpg?cache=0 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash d6fbf88cf6cfddb171fdeae7974c43f355ede41dbfc888770d03b3c3fda02001 Request headers :path /upload/photos/2021/08/HOZWHET8Evo79hkbrl3v_04_6b173153ab332529dace530b0123bde6_avatar_full.jpg?cache=0 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:35 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 24675 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	136 KB 48 KB	39ms 34ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50e01844cb356922d2751fe9c1b6c04d49ef19aea159cb843823f077a5376d8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49379 x-xss-protection 0 server cafe etag 13186439114546987787 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 05 Aug 2021 04:42:30 GMT
GET H2	200	Qk5rVED.png i.imgur.com/	80 KB 80 KB	79ms 24ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Qk5rVED.png Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 85dc73ea8ad5f544db288148cadd115b1dcf8618e6df45d96cb91751c868650d Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT x-content-type-options nosniff age 1026649 x-cache HIT, HIT content-length 81915 x-served-by cache-bwi5124-BWI, cache-fra19171-FRA last-modified Sat, 27 Jul 2019 17:38:12 GMT server cat factory 1.0 x-timer S1628138550.286564,VS0,VE1 etag "65e9098cdec35a4cd7bf680ba01c0925" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	VN-300x600.jpg media.go2speed.org/brand/files/hostinger/6/	76 KB 76 KB	106ms 30ms	Image image/jpeg	13.224.193.114 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.go2speed.org/brand/files/hostinger/6/VN-300x600.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-114.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash c16152b3928e28c3233fb61e60272ef1dea2f0628179ba9ad944ef9de5a0b648 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 05 Aug 2021 04:41:05 GMT via 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront) last-modified Wed, 09 Dec 2020 14:11:51 GMT server AmazonS3 age 86 etag "3be1b946418a8b12bb1b42385146671c" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=3600 x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 77491 x-amz-cf-id RNPI-Vg_qTYsZElidO0rnYpd2eT4ch2zOdKbzkH2eXWlVDqtKMpqJQ==
GET H/1.1	200 OK	aff_i www.hostg.xyz/	43 B 466 B	165ms 39ms	Image image/gif	3.248.18.157 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.hostg.xyz/aff_i?offer_id=6&file_id=1389&aff_id=8075 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.18.157 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-18-157.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:30 GMT Server nginx Tracking_id 102f9a6e993557727624c44a42cc98 Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Tune-SDK-Version Content-Length 43 X-Request-Id d3d5391c8b10d1b472d69a4ac7866406 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	Oa3MEx3zWyzMs33UnFjF_url_image.jpg vhearts.net/upload/photos/2021/08/	6 KB 7 KB	630ms 626ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/Oa3MEx3zWyzMs33UnFjF_url_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 117cc5ed19f51af4dcf69e76cd7c229fcb1f62ae531d706c5c965d44452e7ab2 Request headers :path /upload/photos/2021/08/Oa3MEx3zWyzMs33UnFjF_url_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 17:49:44 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 6637 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	favicons www.google.com/s2/	1 KB 2 KB	11ms 6ms	Image image/png	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/s2/favicons?sz=32&domain_url=vieclam.dongnai.vn Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ea60b9b18741ff5959b8c3676c73a189451c4d6211f8c004f8e124afdf113feb Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eHuc/v1c9clc7R3C3TnW1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-eHuc/v1c9clc7R3C3TnW1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport, require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 04 Aug 2021 19:03:52 GMT x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin; report-to="FaviconHttp" age 34718 x-frame-options SAMEORIGIN report-to {"group":"FaviconHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/FaviconHttp/external"}]} content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-eHuc/v1c9clc7R3C3TnW1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-eHuc/v1c9clc7R3C3TnW1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport, require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1064 x-xss-protection 0 expires Thu, 05 Aug 2021 19:03:52 GMT
GET H2	200	y9hPqd584FRe45kttFzC_url_image.jpg vhearts.net/upload/photos/2021/08/	54 KB 55 KB	633ms 628ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/y9hPqd584FRe45kttFzC_url_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 8164782f81ee520887d667d7644dbd13b3727400fe55edf5de6099329a302cab Request headers :path /upload/photos/2021/08/y9hPqd584FRe45kttFzC_url_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 17:49:11 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 55630 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	YVYn8dzlKmJFWqs1TC7B_url_image.jpg vhearts.net/upload/photos/2021/08/	74 KB 75 KB	633ms 629ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/YVYn8dzlKmJFWqs1TC7B_url_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash e79cc6fa2ef6cc39fa29a4fea71c7b88c3eb2596ec13320e905cb2fcd9d521e3 Request headers :path /upload/photos/2021/08/YVYn8dzlKmJFWqs1TC7B_url_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 17:48:40 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 76037 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	FdMVmyuP9UaVM5eNWTpd_url_image.jpg vhearts.net/upload/photos/2021/08/	43 KB 43 KB	636ms 632ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/FdMVmyuP9UaVM5eNWTpd_url_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 879caf6954be003846802b519a509f3f830afa594b5b2557347bf61d4c0bfa28 Request headers :path /upload/photos/2021/08/FdMVmyuP9UaVM5eNWTpd_url_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 17:47:23 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 44058 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	7qNMWMdJkeSJs22lF6ZB_url_image.jpg vhearts.net/upload/photos/2021/08/	38 KB 39 KB	635ms 632ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/7qNMWMdJkeSJs22lF6ZB_url_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash c81381dbf5d473ff41aad65db2bb6c2546b478cb56a99c9fee1a592b28901ce4 Request headers :path /upload/photos/2021/08/7qNMWMdJkeSJs22lF6ZB_url_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 17:46:49 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 39173 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg vhearts.net/upload/photos/2021/08/	32 KB 33 KB	631ms 628ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 3a35cb879a429992193c9ed9bf50143cc77716637a4151366c6ace162bb83baf Request headers :path /upload/photos/2021/08/b5efpJob5xZzdQNrZhwy_04_45b1402c4a341500c5f886af6a5885af_cover.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:36 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 33131 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	qrcode.min.js Show response vhearts.net/themes/wondertag/javascript/	51 KB 14 KB	303ms 302ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/qrcode.min.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 74cf6ca405238bb4d8cd192384b16c7b2fc84a3382100263de2230cf8cf0d789 Request headers :path /themes/wondertag/javascript/qrcode.min.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:33 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 16:51:21 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 14415 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	welcome.js Show response vhearts.net/themes/wondertag/javascript/	516 B 365 B	307ms 300ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/welcome.js Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash f5f49770d9b13beb49ce66866cd25b9fc5a19b3c28297c3785d0e606a84f7fcf Request headers :path /themes/wondertag/javascript/welcome.js pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:33 GMT content-encoding gzip last-modified Tue, 18 Aug 2020 06:20:08 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 307 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	script.js Show response vhearts.net/themes/wondertag/javascript/	363 KB 89 KB	313ms 306ms	Script application/javascript	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/javascript/script.js?version=2.3.5 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash d740211a4f69cca0953af5100d6d6b21dc69217f5dad7d7b84fe020ece97dd06 Request headers :path /themes/wondertag/javascript/script.js?version=2.3.5 pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:33 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 08:19:12 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes expires Wed, 11 Jan 1984 05:00:00 GMT
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	229 KB 67 KB	16ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=012359755e27acaa5a7fd87c74f8db33 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2fce0d4e6b60642412e7ebf45ab2dccc74dc275a35ff4db980e45d2dd8c580fc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://vhearts.net Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 jbxfOvKakycKxbWPdYTsjA== cross-origin-resource-policy cross-origin expires Fri, 05 Aug 2022 02:03:38 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68103 x-fb-rlafr 0 x-fb-debug o/06pWddcwRSPFB/PKGu5hVlbZqvtkR30ZJUihkxRBIsgtG9/icqQ/jM+9oZEfKjVDq0jFBenZB7V6l+6P7XPQ== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" x-fb-content-md5 3e398a9ca563f42039e4d042e1562c1d cross-origin-opener-policy same-origin-allow-popups date Thu, 05 Aug 2021 04:42:30 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "53293305ff0be277b414606c7ae79a13" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET DATA	200 OK	truncated /	135 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 18:26:24 GMT x-content-type-options nosniff age 209766 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Aug 2022 18:26:24 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/	12 KB 12 KB	9ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 31 Jul 2021 03:14:43 GMT x-content-type-options nosniff age 437267 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:33 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Jul 2022 03:14:43 GMT
GET H2	200	tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Show response y2be.net/music/album/13/mrsiro/ Frame B259	121 KB 38 KB	4288ms 3850ms	Document text/html	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash 6f0eb13a4d8d7c654544a83462576620c03d40f577f23a9361bab884d5b0d2c1 Request headers :method GET :authority y2be.net :scheme https :path /music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers cache-control no-cache, private content-type text/html; charset=UTF-8 set-cookie XSRF-TOKEN=eyJpdiI6IkxNYWU4N1BLSGVuVVNQcy9tUStyelE9PSIsInZhbHVlIjoiZWpPL0hjdXAzam54aktQNmlrNWphTmpNdVJyeS9NV3lldjd4VFNXTnZrREI0VDJDQlNabjVtNS9iRTBRN0xWdldBTnMwbTdIYU9QNDlMcGRZdWpxV3IvclVyRWM2Sm93bllhWjc1TFgyd2txU0RiT05rZnFqeXlDQ0laR2EzRUsiLCJtYWMiOiI5MWZjNTM0YzZkMzJlZTUwNGE2ZWY3NjU5ZGNiNmFjNzFlN2FjMzk2YjZhMGVlZjY2Y2I5ZmJjZDc5MDVlNTJkIn0%3D; expires=Thu, 05-Aug-2021 06:42:34 GMT; Max-Age=7200; path=/; secure y2be_music_free_music_for_your_life_3_session=eyJpdiI6ImFKSVVhQlB0UFJRZlQyS3BZTXVoemc9PSIsInZhbHVlIjoiYUhBNnVKWmJaVk1RV1pzU0txdkNFZTJ6aUoyWjd5UjQxYVRvVUwwMkFBYldWS0Q0c1hNZWEwRUh3Qlh3aDhTN1BKTWhjUDZPZ01BVFlyUnl6NXlOQWgwazBlRHFHL3FTNy9Xd1oreDJUVE9JeC9TNTc5aWlGeXVwNm02Q0ZoSW0iLCJtYWMiOiI1MTRkOGIzZWIwZDU4NmMwYmFiMDFjZDlhMzlkM2MyNmY2ODQ0MTI4OWY1MDViNjZmY2QwOGQ2OGZjMTBjZjBlIn0%3D; expires=Thu, 05-Aug-2021 06:42:34 GMT; Max-Age=7200; path=/; httponly; secure content-encoding br vary Accept-Encoding date Thu, 05 Aug 2021 04:42:34 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	TTCommons-DemiBold.woff vhearts.net/themes/wondertag/fonts/	45 KB 45 KB	592ms 589ms	Font font/woff	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/fonts/TTCommons-DemiBold.woff Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash c0962a00f14438b8c8e6260a413bd5526fbe628c079d293d1ecc5f443ba32841 Request headers sec-fetch-mode cors origin https://vhearts.net accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 :path /themes/wondertag/fonts/TTCommons-DemiBold.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Origin https://vhearts.net Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT content-encoding gzip last-modified Fri, 19 Oct 2018 23:46:40 GMT server Apache vary Accept-Encoding content-type font/woff cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 46137 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	16 KB 16 KB	8ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 17:17:27 GMT x-content-type-options nosniff age 127503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 17:17:27 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/	11 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 09:15:18 GMT x-content-type-options nosniff age 156432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11768 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:42 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 09:15:18 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/	5 KB 5 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 21:52:56 GMT x-content-type-options nosniff age 197374 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Aug 2022 21:52:56 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/	5 KB 5 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://vhearts.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 12:36:39 GMT x-content-type-options nosniff age 144351 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5580 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:52 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 12:36:39 GMT
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/	250 KB 93 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 60deabf4fc435c9659222c5269fdb38d702a130c8f1109d7ddce85903566b027 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95394 x-xss-protection 0 server cafe etag 1835831108026274681 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 05 Aug 2021 04:42:30 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210802/r20190131/ Frame 3342	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210802/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210802/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 04 Aug 2021 06:37:06 GMT expires Wed, 18 Aug 2021 06:37:06 GMT content-type text/html; charset=UTF-8 etag 8999110079160743657 x-content-type-options nosniff content-encoding gzip server cafe content-length 4576 x-xss-protection 0 age 79524 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-143895203-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 3956 date Thu, 05 Aug 2021 03:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Thu, 05 Aug 2021 05:36:34 GMT
GET H2	200	a54PTJMFd2PD3PjKsqVy_04_e4758ccfd8e6c761c42676cddcaae129_background_image.jpg vhearts.net/upload/photos/2021/08/	68 KB 69 KB	426ms 426ms	Image image/jpeg	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/upload/photos/2021/08/a54PTJMFd2PD3PjKsqVy_04_e4758ccfd8e6c761c42676cddcaae129_background_image.jpg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 55af89e17149d6ddd232954c9b7ffc3bb4687e81460d4dd595ced51c2fdf2fd5 Request headers :path /upload/photos/2021/08/a54PTJMFd2PD3PjKsqVy_04_e4758ccfd8e6c761c42676cddcaae129_background_image.jpg pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:34 GMT last-modified Wed, 04 Aug 2021 12:59:24 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 69854 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	201 B 262 B	36ms 35ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=vhearts.net&callback=_gfp_s_&client=ca-pub-2333884060705803 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software cafe / Resource Hash cabb4f0c5a384aa56ba7d6b9d47d62989716a78811663c5e6ee36da28ead5e9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	14ms 14ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E553	436 B 235 B	99ms 98ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&slotname=9838580002&adk=257046922&adf=2551339254&pi=t.ma~as.9838580002&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550329&bpp=9&bdt=1670&idt=86&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&correlator=2231057986897&frm=20&pv=2&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Mo5Vn11GFc&p=https%3A//vhearts.net&dtd=107 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d87e138fb02498aa6af4217d601d5bc6c04984e1b623b63a2038af95c9efce79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&slotname=9838580002&adk=257046922&adf=2551339254&pi=t.ma~as.9838580002&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550329&bpp=9&bdt=1670&idt=86&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&correlator=2231057986897&frm=20&pv=2&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Mo5Vn11GFc&p=https%3A//vhearts.net&dtd=107 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 212 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:57:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 05 Aug 2021 04:42:30 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1628076391864921" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27992 x-xss-protection 0 expires Thu, 05 Aug 2021 04:42:30 GMT
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0126	436 B 234 B	103ms 101ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&slotname=7396348879&adk=3899285848&adf=2828088494&pi=t.ma~as.7396348879&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550338&bpp=1&bdt=1679&idt=114&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2234&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RVGZV9fPiJ&p=https%3A//vhearts.net&dtd=118 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bc809918104ccb0f7b832ff3cad91939ecda62c0db05e9e8c67f4ff3050e7af8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&slotname=7396348879&adk=3899285848&adf=2828088494&pi=t.ma~as.7396348879&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550338&bpp=1&bdt=1679&idt=114&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2234&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RVGZV9fPiJ&p=https%3A//vhearts.net&dtd=118 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 211 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:57:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 05 Aug 2021 04:42:30 GMT cache-control private
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=805508800&t=pageview&_s=1&dl=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&ul=en-us&de=UTF-8&dt=viec%20lam%20dong%20nai&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=528726904&gjid=513660638&cid=1080471646.1628138550&tid=UA-143895203-1&_gid=1648563138.1628138550&_r=1&gtm=2ou840&z=1732916768 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://vhearts.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	icon.png vhearts.net/themes/wondertag/img/	26 KB 26 KB	1252ms 1252ms	Image image/png	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://vhearts.net/themes/wondertag/img/icon.png Requested by Host: vhearts.net URL: https://vhearts.net/themes/wondertag/javascript/qrcode.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 965dce9df441715b933acdf9e9ff844c22c2edd432414ddb5b9b4b781028bb8d Request headers sec-fetch-mode cors origin https://vhearts.net accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest image cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1; _ga=GA1.2.1080471646.1628138550; _gid=GA1.2.1648563138.1628138550; _gat_gtag_UA_143895203_1=1 :path /themes/wondertag/img/icon.png pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Origin https://vhearts.net Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:35 GMT last-modified Sun, 27 Jun 2021 11:56:52 GMT server Apache content-type image/png cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 26687 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	28ms 27ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&tn=DIV&cls=tag_navbar_top_side&ign=false&pw=1600&ph=1200&x=0&y=1060.8 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	28ms 27ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&tn=NAV&cls=navbar%20navbar-default%20tag_navbar_top&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	15ms 14ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	15ms 14ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame ACFB	17 KB 1 KB	70ms 69ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&adk=1812271804&adf=3025194257&lmt=1628138550&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550599&bpp=2&bdt=1940&idt=2&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280&nras=1&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 73bee3de1bca0ca0222b13e2e9af48febbfa92143269c81a8542e24c36db939b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&adk=1812271804&adf=3025194257&lmt=1628138550&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550599&bpp=2&bdt=1940&idt=2&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280&nras=1&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 1228 x-xss-protection 0 set-cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU; expires=Tue, 30-Aug-2022 04:42:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 05 Aug 2021 04:42:30 GMT cache-control private
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	20ms 19ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	18ms 18ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=vhearts.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 95CE	17 KB 8 KB	135ms 134ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f7e4467402ae14745448935f9019af063c38497b3c10e5562a1375aafe9aac16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 8017 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2C6A	17 KB 8 KB	137ms 129ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0c6bf849b267b34d245287d01944060d54bc4bc78d826b475220b2b47ead732a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 7933 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3D1E	16 KB 7 KB	127ms 126ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 60049e2e096737722e2ba85a35e9cef7e0c742ba6636bb8ee76c6ca78861e072 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 7396 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 188C	436 B 231 B	127ms 127ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=695977328&adf=424409560&pi=t.aa~a.315602023~rp.1&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=1&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280&nras=5&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=VuUhnLdzkO&p=https%3A//vhearts.net&dtd=75 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 49fb5350667bd3deb224ab8698cacb956aa1eed58135703a25a9b8ee43ff2fe5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=695977328&adf=424409560&pi=t.aa~a.315602023~rp.1&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=1&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280&nras=5&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=VuUhnLdzkO&p=https%3A//vhearts.net&dtd=75 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 211 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F39C	436 B 232 B	116ms 116ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2581136027&adf=1529867510&pi=t.aa~a.1316047913~rp.1&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2124&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280&nras=6&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=3050&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=i9kR3a5pie&p=https%3A//vhearts.net&dtd=80 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a7b0645908fd18f43858b37935cc12a1e6d64e57f93d0e2b275a293ea0e3b3b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2581136027&adf=1529867510&pi=t.aa~a.1316047913~rp.1&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2124&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280&nras=6&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=3050&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=i9kR3a5pie&p=https%3A//vhearts.net&dtd=80 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 212 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CD7C	436 B 232 B	101ms 100ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=200&adk=2337785858&adf=3719579869&pi=t.aa~a.1316047913~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x200&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2124&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280%2C612x280&nras=7&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=3810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=8&fsb=1&xpc=RC6Dld4RWX&p=https%3A//vhearts.net&dtd=85 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85470eef1259bd6fa531046299b95a1cd9a32c7a0089234217507a39238a3bef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=200&adk=2337785858&adf=3719579869&pi=t.aa~a.1316047913~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x200&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2124&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280%2C612x280&nras=7&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=3810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=8&fsb=1&xpc=RC6Dld4RWX&p=https%3A//vhearts.net&dtd=85 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 212 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2821	436 B 230 B	106ms 106ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=60&adk=3440197488&adf=334873158&pi=t.aa~a.315602990~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x60&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=1&bdt=2123&idt=1&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280%2C612x280%2C612x200&nras=8&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=4095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=9&fsb=1&xpc=zTi2NvELun&p=https%3A//vhearts.net&dtd=90 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 31034a9c99fd2594c08d66ee5d9b3111c3e2b469d097ded1342519b165ae2bcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2333884060705803&output=html&h=60&adk=3440197488&adf=334873158&pi=t.aa~a.315602990~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x60&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=1&bdt=2123&idt=1&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280%2C363x280%2C612x280%2C612x280%2C612x200&nras=8&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=4095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=9&fsb=1&xpc=zTi2NvELun&p=https%3A//vhearts.net&dtd=90 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlrjtGxcxrKLvzLZm6HRZjiSzQlqsKx8mFaPxCfCz5oYfm4-_aLc0z0RuJF8ZU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Aug 2021 04:42:30 GMT server cafe content-length 210 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 28CC	0 0	19ms 18ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CDsZtNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoEwgFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs30nN64ZiGyXzvJTNOxmUaC-V04AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTIzMzM4ODQwNjA3MDU4MDM&sigh=kbACQyrTcBA&tpd=AGWhJms-AiPhIPC8d-whunCj1ZC-XE-Oe42ERmrALesP89Q7a0uwDzwJo68cHLxVSfpNbAUbzAHDSCmLMOtoFBwTdPD13w79dRfpihXINvo8Hvd2KtIv0mVpAg4FmFdclir6_HQxYVvS4y4VRJbZKzAbKtqXJfTeotzSbLZnlR-iWNV95aTDBSmGjnXFAvzDJp0sTHj5wMn5QvRZVAaAHwShmQFqrcwDBNqCmftROIoSSAalSyy_-2RHevA44UCfT1RCBS1uINl5Yg-XE-56e1Gi_wy1nH9Z-2vhAQ77nCzpHbFC4jWgDynXWBLeCChxynPRLpZApcGuFQU-58xEpi29YGimIJ2lQ4o4AzGDaSXIJY9uSuggAkfc2wQFOnWU1UC8sT43_SrhsviB0UD-n42bfKU7Zv6iHez-afFZWECdBu-A0N_kBQt8SbC428P47rrEsC6C5Q9WQewUuLDP-FbUq-2SP1FlxZ5X3mPoVCBclvru_jTioCsmHdAynR6HBQnXGz00V-JJRO2sfqxLQBXCr3yBoaUtDam29QHJpCKQHDYqC0bTWPni8WsgUL_7aS4hmYdZsbGeyLjv9dTbYDy1SAH8-lgx4974IwJy0W1UYYG22e7lPXwQCkbERKIwRgW3yQLQIdq3WSMK1EWaelY8kvX9wCuydvmRQtqihSTpEHrkfShW5QavvyjkT_B4iw6YZUzu4daVyaPSy1eq0-3OJG1aTenV-bR83c_K-EfZhjMOsv752MM78hQSNlPNbGDWEtBoONqWhf3BIlTQtFRL0GRxkufXx0-jFhxiqb8-uaEHWnHjl_vggIjP8qHMj6wH5GGru-hViplpInrKEJM4L6aUCa0LNihcq91RwAtNRG1c8pAAoNJMSj9iWiIL3OY8XfW0W8C1XtSBUBia7lm1-orGT-7djRCuT4JP4iqjgYc2_YTmWaBQgm39fG_1fvUNSc-KvBFhTpJq_UNIrSiu7NpMUFlgKzxKvNoZG09Zewr0K21cf4R66gSwquF0YjLBEcb1jmAaHyw3pRKYPPnSOTRZiIiSTofHVetynnC4RiMJcfBqnsqHSxZIDCPrDUtg Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 05 Aug 2021 04:42:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 28CC	2 KB 2 KB	81ms 24ms	Script application/x-javascript	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwMzAwMTE5NDQ1MTczNzY0NjYvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLWR1VUxMNXNCZEc5WS01QWJpMmFuUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MDMwMDExOTQ0NTE3Mzc2NDY2L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/r5LrzwzPw4ZOYVgv0NmrsC4Fqj0&nodeid=1904&group=eu&auctionid=5030011944517376466&shardkey=5030011944517376466&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.66&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%26client%3Dca-pub-2333884060705803%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash 2a013bf3c74963d2e7102910b1209f11fb929c580d23897bb7189bf41c4da041 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Content-Encoding gzip x-mm-bid-request-time 1628138550 Last-Modified Thu, 05 Aug 2021 04:42:30 GMT Server MMBD/3.203.0 x-mm-latency 0 (0) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg Count Cache-Control no-cache x-mm-host cdg-router-x95, cdg-bidder-x143 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 28CC	2 KB 2 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:18:40 GMT content-encoding gzip x-content-type-options nosniff age 1431 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:18:40 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 28CC	124 KB 37 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1628076384053681" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38210 x-xss-protection 0 expires Thu, 05 Aug 2021 04:42:31 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 28CC	14 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:33:48 GMT content-encoding gzip x-content-type-options nosniff age 523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6204 x-xss-protection 0 server cafe etag 11055049251678278959 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:33:48 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 28CC	0 0	14ms 14ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZRcYSS7NbTcNPViof0zSj0sAdlXQLwkaJVsxS1UP3xEjLB90Mv56Pu7pv-dFsxNrrJu6cENbJCchY7dr68TYE2xFLfg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 1BB7	0 0	19ms 18ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CbaRUNmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMIBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzA9Z06pDgpt46z6ZKyB-ouAFtuABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi0yMzMzODg0MDYwNzA1ODAz&sigh=LsYOuxmQiRQ&tpd=AGWhJmvwV8Ga1vNBNV1nvMUonUAbDoPNUL1zjM4-UMAvwlMbjpo3--7eQJKb7Plly0BCLie8-WX7qVuKYOu13VmG9mT9F9gv0sv9KHKxIIdvbXjK9GwO27LrcS88xIqLxjzmZ-nBlfi8e11BT2rd8giOBmUGEMcb8jwLC0UDUN0OoS-E_3HvHSN5V9SZiO-_lm9gbBDBb6WUQITmY4JGzmv8OGk0gqb3eLhGVibWnNuiMg96ygdQzU3SfMNvTA3dFLzim5yf_pTpqKk8ovAae_7TxJj3ejMyLDA5v3Cl7WFtmxnoPDmHy92xEnc-sp5DMVT4NcNP92h8GInDMk5-OAKXEhY5DO3LDXypEA2NjoTliwC0myU7IZyNQf0GphsjRAF33-Tw2bL4UO5Dlp6RVPddZT4_akdz-Fb2AaG8-k3-rScvhcc5qfESO8eoB4OxjF8PwfWmSWjLApE2IwXqd-7JnvOayAPnXtGb0Wf96giQycUKP8MSNgZDUAK86qeYOdezVGXUPZUlgOo5T1DLCqDji_sqMoN0932BLs_J_g7dLe1V2rh5NX85j8l8-0awfGwnpIiNlkMXRCO8NhNnhBqFlyfCrZw2ew4vAYHessNLhP6ZNdttccdy_RhCvt2pmTMFNDoZwfL5d3x_Q3EfAJgaIr4NTDlU_iIdwre2sbh98wARuRN7DE3wZObTnaHBRPCm7HLLxM94AkG6VMe3hmqBSxkItPucV51hHKUy18PBi6t5YvIqz-YEFShxotoJzs4qB141eVh7jS511LTlwknq5F2GJfPFv8zWgEGPAFUWGZYnfiFERLu1J69O8gsTuLeqplS7JcFzE11yLAG1IQW_35kEopM7E1pwZ7hVbDXL-KnQ4BwCMzHRdOIx7DA081KcwBriLxnpJ8Rag2JWua8Ei7q4gtYGwoXmNwr0wyTKWCmAx50NLoeF2I1SnrW4EyG3alEIHqNNYgKkhvHaghQURF5mYc8mKbwv1yK2gwQJ6FJId6mc8PTtfYsfWT5fg2OOWk2WVd-E2NUCkkymN5uHVxKrQeS-ULSn8kHUnNpBF92L8DT58yY5FdYkQ_TGyofa Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 05 Aug 2021 04:42:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 1BB7	2 KB 2 KB	113ms 66ms	Script application/x-javascript	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0ODg3NzY0NTgzMzc5MTc1NTUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNDAwX2dNZjhndGZMc3I3blRjaExnay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDg4Nzc2NDU4MzM3OTE3NTU1L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/KveQOwBhhDL-UpoxMTF0IteAZ0w&nodeid=1904&group=eu&auctionid=8488776458337917555&shardkey=8488776458337917555&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%26client%3Dca-pub-2333884060705803%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash eb94dfc919998566c221b25dd88759417f6496ca52f16ce48681f1c3ddd08d5b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Content-Encoding gzip x-mm-bid-request-time 1628138550 Last-Modified Thu, 05 Aug 2021 04:42:30 GMT Server MMBD/3.203.0 x-mm-latency 1 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg Count Cache-Control no-cache x-mm-host cdg-router-x100, cdg-bidder-x143 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 1BB7	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:08:30 GMT content-encoding gzip x-content-type-options nosniff age 2041 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:08:30 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1BB7	124 KB 37 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1628076384053681" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38210 x-xss-protection 0 expires Thu, 05 Aug 2021 04:42:31 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 1BB7	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:33:48 GMT content-encoding gzip x-content-type-options nosniff age 523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6204 x-xss-protection 0 server cafe etag 11055049251678278959 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:33:48 GMT
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 7FFA	0 0	21ms 19ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cg-BYNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTCAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifG_6JEQQWFvL_yLAX06fWZpe8IgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMjMzMzg4NDA2MDcwNTgwMw&sigh=n5E4eumyNoI Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 05 Aug 2021 04:42:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 7FFA	0 0	41ms 15ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1j6a20z3g7yz7wxerf5gx52kaxrh0nngbrt6t4hqn34kg55sxfz7tz6yw71cjy7f3nfrt2ksst8kn931z6ecndc442xkv6y4780cmj0kzjx0z2zwc18vynejy1hgv2j71xcxf206zszcpks4w47banzfz9jpgb2yvk8pv79fdkmzya15421jvakvbnywdrthgbzp92ptzwhr1xybsmfjx77ayh6qnwjak7jy4h9scs81wskkr38wy147yngwd5ng71fpfqstzcx0pw8ekh3fnvwjb3qv7q6dt9hj62gw60ke0fvcpd0avd82qtnrhq1ta44yhhc3a6rrqs0evv8r48d2fcad6qpnj7wf2bk034xmattmvkkwc6kb4bxb1n3gctvr1nzd&b=YQtsNgANRiUK3rDGAA5eQnNPVqyhX36YUeRAQA Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 google alt-svc clear content-type image/gif
GET H2	200	dr Show response ad4m.at/ad/ Frame D693	2 KB 2 KB	42ms 18ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0745eddab93ad4b10c3344b0def5ac71aee73fb1b1d82bcc59b2efb1dc5c7cff Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox Request headers :method GET :authority ad4m.at :scheme https :path /ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding report-to {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400} nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"} expires 0 cache-control no-store, no-cache, must-revalidate, proxy-revalidate content-security-policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' referrer-policy same-origin pragma no-cache surrogate-control no-store x-fastcgi-cache BYPASS x-backend-server adsrv-wmp3 via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 679d5bf82c470601-FRA content-encoding br
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 7FFA	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:08:30 GMT content-encoding gzip x-content-type-options nosniff age 2041 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:08:30 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame AF28	1 KB 749 B	11ms 9ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 04 Aug 2021 11:56:19 GMT expires Thu, 05 Aug 2021 11:56:19 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60372 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7FFA	124 KB 37 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1628076384053681" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38210 x-xss-protection 0 expires Thu, 05 Aug 2021 04:42:31 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 7FFA	14 KB 6 KB	12ms 9ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:33:48 GMT content-encoding gzip x-content-type-options nosniff age 523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6204 x-xss-protection 0 server cafe etag 11055049251678278959 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 19 Aug 2021 04:33:48 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 7FFA	0 0	24ms 14ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSagRfxkUk51iN_xESNRg6AX1chi1JsknUACrrFl0e2UUzzKD3lTJd8P-CXRMCHZPHMrlXdTwHEpdG8Q5MgOpMezJWFBA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 7FFA	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b20f46a8284de5e310e07db8218c23d687aeea322322fa5f6a5192934bd118ac Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	h78o6ojw9z7r Show response hal9000.redintelligence.net/zone/ Frame 28CC	11 KB 4 KB	95ms 32ms	Script text/html	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=5030011944517376466&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash f065239d43b816dd24ca4167130ff3bb269d90622292f4abb9e3783965f23480 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3391 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 28CC	49 B 330 B	93ms 25ms	Image image/gif	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=5030011944517376466&node_id=1904&exch_id=4 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwMzAwMTE5NDQ1MTczNzY0NjYvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLWR1VUxMNXNCZEc5WS01QWJpMmFuUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MDMwMDExOTQ0NTE3Mzc2NDY2L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/r5LrzwzPw4ZOYVgv0NmrsC4Fqj0&nodeid=1904&group=eu&auctionid=5030011944517376466&shardkey=5030011944517376466&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.66&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Server MMBD/3.203.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x52, cdg-bidder-x143 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 28CC	43 B 360 B	107ms 46ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5030011944517376466&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwMzAwMTE5NDQ1MTczNzY0NjYvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLWR1VUxMNXNCZEc5WS01QWJpMmFuUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MDMwMDExOTQ0NTE3Mzc2NDY2L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/r5LrzwzPw4ZOYVgv0NmrsC4Fqj0&nodeid=1904&group=eu&auctionid=5030011944517376466&shardkey=5030011944517376466&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.66&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3820 7698daf master zrh-pixel-x25 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Server MT3 3820 7698daf master zrh-pixel-x25 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 05 Aug 2021 04:42:33 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 28CC	49 B 330 B	91ms 23ms	Image image/gif	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5030011944517376466&st=4562306&time=1628138551&nodeid=1904 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwMzAwMTE5NDQ1MTczNzY0NjYvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLWR1VUxMNXNCZEc5WS01QWJpMmFuUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MDMwMDExOTQ0NTE3Mzc2NDY2L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/r5LrzwzPw4ZOYVgv0NmrsC4Fqj0&nodeid=1904&group=eu&auctionid=5030011944517376466&shardkey=5030011944517376466&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.66&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Server MMBD/3.203.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x38, cdg-bidder-x143 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H/1.1	200 OK	h78o6ojw9z7r Show response hal9000.redintelligence.net/zone/ Frame 1BB7	11 KB 4 KB	90ms 32ms	Script text/html	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=8488776458337917555&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash e38bb59e1fb6dcf2110ae085a8b5ef8cda36483e1b655cd0f002c466f497e929 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3392 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 1BB7	49 B 330 B	93ms 24ms	Image image/gif	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=8488776458337917555&node_id=1904&exch_id=4 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0ODg3NzY0NTgzMzc5MTc1NTUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNDAwX2dNZjhndGZMc3I3blRjaExnay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDg4Nzc2NDU4MzM3OTE3NTU1L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/KveQOwBhhDL-UpoxMTF0IteAZ0w&nodeid=1904&group=eu&auctionid=8488776458337917555&shardkey=8488776458337917555&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Server MMBD/3.203.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x91, cdg-bidder-x143 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 1BB7	43 B 359 B	103ms 44ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8488776458337917555&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0ODg3NzY0NTgzMzc5MTc1NTUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNDAwX2dNZjhndGZMc3I3blRjaExnay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDg4Nzc2NDU4MzM3OTE3NTU1L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/KveQOwBhhDL-UpoxMTF0IteAZ0w&nodeid=1904&group=eu&auctionid=8488776458337917555&shardkey=8488776458337917555&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3820 7698daf master zrh-pixel-x8 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Server MT3 3820 7698daf master zrh-pixel-x8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 05 Aug 2021 04:42:33 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 1BB7	49 B 330 B	92ms 22ms	Image image/gif	185.29.135.190 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8488776458337917555&st=4562306&time=1628138551&nodeid=1904 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRRd05EZGpaV1F0TVRCaU1DMHpOR1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0ODg3NzY0NTgzMzc5MTc1NTUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNDAwX2dNZjhndGZMc3I3blRjaExnay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDg4Nzc2NDU4MzM3OTE3NTU1L2Ftcy8wLzUzLzI3Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI4MTM4NTUwLzE2MjgxNTExNTAvNC9wdWItMjMzMzg4NDA2MDcwNTgwMy8/KveQOwBhhDL-UpoxMTF0IteAZ0w&nodeid=1904&group=eu&auctionid=8488776458337917555&shardkey=8488776458337917555&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.203.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:28 GMT Server MMBD/3.203.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x87, cdg-bidder-x143 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Thu, 05 Aug 2021 04:42:27 GMT
GET H3-29	200	default.css ad4m.at/0.1.124-320/style/one-ad/ Frame D693	58 KB 59 KB	24ms 14ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/0.1.124-320/style/one-ad/default.css Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880 Request headers Referer https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3262213 cf-polished origSize=59196 x-guploader-uploadid ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 58969 last-modified Mon, 28 Jun 2021 10:31:59 GMT server cloudflare etag "89accb82b2c3f55efa96d3f2495f234d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpOe05WRratPw1nKrSIaRRyaZa5Pwy4LBuqCQmWD%2Bo8VqoJzNp2ps2Is8Lu3cPLKpIbpQhcqyeEndGcKK7Cy4MFCaA%2FHGXU9XEMvS7TBlKtRIdtq1vHa%2BdJjdRTL9%2FnJzAKj3kM%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1624876319573767 content-type text/css expires Tue, 28 Jun 2022 10:32:18 GMT cache-control public, max-age=31536000, no-transform x-goog-stored-content-length 6688 accept-ranges bytes cf-ray 679d5bf91a1c4e79-FRA cf-bgj minify
GET H3-29	200	fxpcopuw.js Show response ad4m.at/ Frame D693	36 KB 13 KB	29ms 20ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e Request headers Referer https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA== date Thu, 05 Aug 2021 04:42:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 59571 x-guploader-uploadid ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip cf-bgj minify alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 14 Jun 2021 12:08:33 GMT server cloudflare etag W/"ff92efa079e8c446e6e02ffafd7c9154" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLor11esY7e68A3OH21ewqBTPTDb1U%2FE8g9rcPfxGoF3pcNyus8kfUY1ULsUusTY%2BukuGz%2F2pmBDhCibLkBV8BoScFiXDHyFmTaTMHtQHax1sYvyFHmoieXADN0rd0CSGRk0fXc%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1623672513020985 content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11953 cf-ray 679d5bf91a1d4e79-FRA expires Wed, 04 Aug 2021 12:09:40 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame AF28	35 B 463 B	393ms 30ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK52zKMLRkvSjfLg9i5He9k&google_cver=1&google_push=AYg5qPIcWZuw9P5jxTbXGQnsmB4-foOhRAGYp7csh3iXgvoYu_8rWH6auAoZmpiExtcDZ87arBBWo2tQHm58cDnSJNLelNr71YzFLQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame AF28 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKpmvu... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIKpmvu... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA2Mzc5NDc2MDc1NA%3D%3D&google_push=AYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rha...	170 B 188 B	32ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA2Mzc5NDc2MDc1NA%3D%3D&google_push=AYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rhaHAMsngLkqsxE_6FVpIvCxiJD2g58xL Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA2Mzc5NDc2MDc1NA%3D%3D&google_push=AYg5qPIKpmvuNQ866imN71nkNQBmeMMBLz1oPK0ioxjO7oSnez-xFRy024qENOBlhN0rhaHAMsngLkqsxE_6FVpIvCxiJD2g58xL pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Thu, 05 Aug 2021 04:42:31 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame AF28	43 B 324 B	74ms 25ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK53EXc2c4-RhvFHLQZaWig&google_push=AYg5qPJDuACmTWIg-8cQ9K_TmLMs5fyPGSTQbzEzekYIJu4X_w2DKz2fU6c4yMAlIRYXfLtwAium8Ic1Nbh9giGQzLOMA_s2YrzWvA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame AF28 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	71ms 41ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7yCzTqyjsqWrnY8MTE1702pajYfkHFxmWUO6McJzxK4I6F4y-fuKE_vrrsRlYpHXNRxzKV5EiU4Pmq9X5CNJNyoJESXtasA Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7yCzTqyjsqWrnY8MTE1702pajYfkHFxmWUO6McJzxK4I6F4y-fuKE_vrrsRlYpHXNRxzKV5EiU4Pmq9X5CNJNyoJESXtasA date Thu, 05 Aug 2021 04:42:30 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame AF28 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NRTAtOC02OE9C&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb44m-zT92-cAxDcmksYgDVvaOy	170 B 188 B	40ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NRTAtOC02OE9C&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb44m-zT92-cAxDcmksYgDVvaOy Requested by Host: vhearts.net URL: https://vhearts.net/vieclamdongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NRTAtOC02OE9C&google_push=AYg5qPL2O5mJJmMdaTzRLS70hvdb98xAxNrL0FQ_LVk7f7L_lX8hwl05JCxUKonkMssRVkhcSKb44m-zT92-cAxDcmksYgDVvaOy Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 704c1e4d3fcc922a3031d436b584678b Expires 0
GET		pixel cm.g.doubleclick.net/ Frame AF28 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43...	0 0
GET H2	200	trk ag.innovid.com/ Frame AF28	43 B 296 B	67ms 20ms	Image image/gif	2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN8NJAqKBftjePG-yfJyn7A&google_cver=1&google_push=AYg5qPLbmuxwTXHP9RCaBxWxgeZiNgIvR8OkgELKcqS0bXLtqq8_lBtiJ5mBfjqHtVtLVLYUUxeQftNiSEpOg1SuyiUI5rqyfnw_tw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT cache-control no-cache content-type image/gif content-length 43 request-time 0 expires -1
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame AF28	0 50 B	32ms 31ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3V4IED2jhj-l17AgMZ06tFuzeHIyVjbCHIUVT6bdthKkj0eM9P7N2ojHfY1CQHZegBDNr Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=3101593496&adf=1576911250&pi=t.aa~a.369641440~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=363x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280%2C612x280&nras=4&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=qeMUwfalVY&p=https%3A//vhearts.net&dtd=71 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D693	3 KB 4 KB	30ms 14ms	Image image/png	2606:4700:3032::6815:57ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: ad4m.at URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers Referer https://ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4896169 x-guploader-uploadid ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 3262 x-goog-meta- last-modified Wed, 09 Jun 2021 12:35:14 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BoP%2BQAwX%2FaISWGC3gIkRPbaI5n0Lf4zUoRuCBoFD55xMbTrIyAMTjojnyv4OkKnPULDSdrKPoDsa9h8Hb2xsaNASM%2Fl4wwKk2JtzZD3Fneu5p4c5BdS1G6j2A6jhNslg66Vi2n7CdhXXgjfPCN6DGjNfA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1623242114099744 content-type image/png cache-control public, max-age=31536000, immutable x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 679d5bf968732c19-FRA expires Thu, 09 Jun 2022 12:39:42 GMT
GET H3-29	200	frame.html Show response ad4m.at/ Frame D345	2 KB 2 KB	14ms 13ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Thu, 05 Aug 2021 05:42:31 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 978393 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUhFj6Ls3wR%2BiBuxkm0VQakoZW%2BicTC3h6l6vYPjD53qWz%2BUxIJl6GjQqdGXf59UvQCcYdtXXJA51W8s9U0wvMTV%2Fe%2BYEEIeHeJRG2pwMsKL50fB0igwY88kQt3sE8IGDr1xU0g%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 679d5bf95a734e79-FRA content-encoding br
GET H/1.1	200 OK	request.php Show response hal900027.redintelligence.net/ Frame 28CC Redirect Chain https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	2 KB 1 KB	182ms 129ms	Script application/x-javascript	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 90b54b2bc890cbf57b2ad5269c88a5deb4f2f3b935b0c7da4ef65b81b5c2a073 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 43430100013615900951407011677027 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 788 Expires Thu, 05 Aug 2021 05:42:31 +0200 Redirect headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Thu, 05 Aug 2021 05:42:31 +0200
POST H3-29	200	rs Show response ad4m.at/ Frame D693	1 KB 2 KB	19ms 19ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d74cf8cfb51d35701794a7986a814ab3c776cf31028662b9e17ad85c2b3cf975 Request headers Referer https://ad4m.at/ad/dr?ed=1j8vpwn78v0zxkyn66nq25bzz9b83v49ejg69d7pj9afwwfx2j7ee7bh876ye9v0zjyjckwwnzv9ptb8a54vr39e7tg4ted6y5g3wexah968kn981a4zw3gz2et9bdfb3j9e6a8xbh762j2fvmpnfap1b04addnbjfbgk5v5kgdbqxxs1knhw1vq4xq5m7htz4yhzwh2yf6sg27nzyk3qyz4v94055gy78pwneeepj83swgsvbezhzgkbw0g39y5yfdm6y8sa3p0zp80ryqqwekk6vq7qwkbcjqbmewp1npmp37ywg2brrbcab224kph55tfb6edamq6vs9g1hke039p0f3x8nrz1ntred7993y9ygc0a3s41mnmgcgpg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%26client%3Dca-pub-2333884060705803%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers cf-ray 679d5bf98ad14e79-FRA date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7SKwQzJaeby5BY6BLUCA3ymhnbGk%2FaXgTxM8IPlx6e9hBCMmClg4G0CY%2B9nA14J5qmbOTwUyt3A6P3lWuH9nuvopMFq8zWGcLXyX0329J1jx%2B711VtPu7JDtjeGy60VzttcQEs%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server rs-hn3r
GET H/1.1	200 OK	request.php Show response hal900014.redintelligence.net/ Frame 1BB7 Redirect Chain https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	613 B 937 B	150ms 96ms	Script application/x-javascript	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D3381349681%26pi%3Dt.aa~a.315596959~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D2%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%252C612x280%26nras%3D3%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1620%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26xpc%3D7Z0yTmErq7%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D35&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=9065677921951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash 1894d7c8108f1164168776513bc3b2b7a76ca532cbac88a82d938e730b9bcd98 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 70415300016645100951407011677014 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 331 Expires Thu, 05 Aug 2021 05:42:31 +0200 Redirect headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D3381349681%26pi%3Dt.aa~a.315596959~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D2%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%252C612x280%26nras%3D3%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1620%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26xpc%3D7Z0yTmErq7%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D35&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=9065677921951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Thu, 05 Aug 2021 05:42:31 +0200
GET H2	200	rar Show response as.ad4m.at/ad/ Frame 38B4	9 KB 4 KB	21ms 19ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b76bb8397de8cfeaa7db3cc0d033034d467b3e432c27991cb8cc62ca5b88615b Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 679d5bf9be4e0601-FRA content-encoding br
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 38B4	64 KB 8 KB	16ms 16ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 848288 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin cf-bgj minify server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control public, max-age=3600 cf-ray 679d5bf9db454e79-FRA expires Thu, 05 Aug 2021 05:42:31 GMT
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame 38B4	18 KB 19 KB	24ms 20ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 34959 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdvcQOkJfyLGS6St_lXHA4C3yOyhwjoObGLR_HjdBddMqNSbDNW_DVAA-8lYYcZ1anLBtUnlfXzeUWflvL1sH6sqKL2moQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk2ncpGImJT3O2Yqn57ACd9mnoeWrlubjhWV3b1eL0tix98jvLZY7BQT%2BhC7WJ4W0LwDEcxQzh%2F%2BXb7lkFZE2YyPwJs3zNTQHxaACAuYwGRBXI4qjDbxuCY2K%2B9mmn4LWDGF7cV6c9D7Q5dq"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 679d5bf9dea10601-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame 38B4	2 KB 2 KB	16ms 13ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 32107 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduMzX4OgwORASwHpVohnj_ecymkhs6BRY-aHVemI2RYBDv4yETnrYeSiLLGcpt2dASfXrhfiLcrW2J9zgdd8XVKA4H9Mw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGxfsYDlBsSRL0YzCnM5aIvEpCMlTAudFB5%2F6xUZWRug71OSBUt9fEmndiJf8XXLdPgXgMk2O%2BjV%2BvJTiV1Dg%2BHJxUjZGsQbXlkjHuDh%2BAauhe0Nh7JZbaY5WYUX2FL6h0WyimQyRgxQgUe0"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 679d5bf9dea30601-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 38B4	43 B 704 B	117ms 57ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame 38B4	38 KB 39 KB	23ms 21ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 31348 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdvMH-6tN-SEmc3Wj2fssRN0BVUiSdeC1FuuzsQz3_iBOALeegR60cC-bZHcN_PjDkQvZLRiECDD3c0n4tVmaw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OF6i%2FJh9sklVNNmYzv8CFi0Cw1tkTsdV2POiZ7mKAHm2F3Gn5Wr8eVRoTGIZBxWr1w%2Fq8jhouhq2OpPXzkI6geS7CgA6PSvzD8sD%2Bz6op%2BPm8iyxlaPTX8rW4tLLF0UKRto22otBXhhcEl9"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 679d5bf9eea40601-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame 38B4	113 KB 113 KB	16ms 13ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 40169 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycdvqAG6InbgYhsJgGdF5b4Q5DynIN-AednGBaOc3dZPHsAAbCfKAQTNU3BVtNATNgGXBdJJ9k9ayrPfNWpqrWg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ApuTlfFkr%2Fv7eU6iKiAwMXPHRtw9LHQuluoMg%2Fs%2FKOW%2BJjtrXQ%2BR7k0aLk7nGiD1Y9IbRCAns%2BIq3BXf0gGx5RRiUgOKo499C2I9xRi9CL4wndsaZJPnCrlxWbVanyTKODNJWKBS1GZv3cG"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 679d5bf9eea70601-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 38B4	43 B 704 B	116ms 56ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame 38B4	8 KB 9 KB	23ms 21ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 31879 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsA6T2jkWN0qug7D0QCHKOjpecdoF4YJisPoJAgymhibcC9bPykcebQ1xT-OripMioGv1pqJghm7lFW-Js9Y0k x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfO%2FdFHnImc8Q9Pi992ccD%2BhQJWw%2FONoBSdoT%2BY5ZwWHqF4lfzgBT9rjifxrcTMIDl%2Fn0Jbz0tbc52o%2BUunjzPoaUWgZGPK4CjP47EmHhpg0EayYAY6CBag72Lic57sdmlbNEIaVOpFyTEvq"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 679d5bf9eea90601-FRA cf-bgj imgq:85,h2pri
GET H2	200	FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B assets.ad4m.at/product_image/ Frame 38B4	30 KB 30 KB	22ms 20ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g== date Thu, 05 Aug 2021 04:42:31 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 39945 cf-polished qual=85, origFmt=jpeg, origSize=81547 x-guploader-uploadid ADPycduC1HUTBKcMd1-aLQ6BH-A55fE3h_aPATepSQgIYKRvdTZiWYk8RGhJVk7WdvbozuCLJw2rwJmgugYReRsz7g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30226 last-modified Thu, 09 Apr 2020 08:50:22 GMT server cloudflare etag "f7c8b1c28756e1f042414e043a02e1fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9PriWnKoiuWZaIZB557s6JLLaRYp6tamHrcr6UWm9SQAiIfK0XC6JBwUqofA%2BwtFXsZpAx119nlHw52jYWSxmna5pB5e%2Fo2OkrMWVkJVZe%2BUl7FgXoRaIn43xoW2cXC3whV8GRI2W6x%2FaA7"}],"group":"cf-nel","max_age":604800} x-goog-generation 1586422222365290 content-type image/webp expires Fri, 06 Aug 2021 04:42:31 GMT cache-control public, max-age=86400 x-goog-stored-content-length 81547 accept-ranges bytes cf-ray 679d5bf9eeab0601-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame 38B4 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COn7geCImfICFY-WdwodJD8KjQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628138551_8b97d860-f5a7-11eb-bfe3-692d0dec5663	0 518 B	88ms 27ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628138551_8b97d860-f5a7-11eb-bfe3-692d0dec5663 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=29efa8354f0b144832edd70694cb214b%2F3655096709381544189&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hxjz63004zeefqtn4nmswc8wzd00mx86e81b50jqnkf8qg0x57g507m7snn00nft5zw37b5t7152jvt0bm6g1axdanbn7zfb32bgvvnz6ccj0mbfp2xxqbsv6kqz0dr10tpz88g4rkf7brpbr29y94xvkhp0g7fa272nf9q853t400abmsrj3b46takc5fy2t1r870g75jze0t1nq3cybnfq1gshv86fqhrx1swbe1t85k5cjpawr12q8ny%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHuePNmwLYaWMNcbh-gbCvLn4D5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM6ABwq7o3QPIAQmpAqYwe0Dm2bM-qAMBqgTFAU_QwnzvKyPcz-nqSlZ2EnDaTGtqqxgfqSzPdjpHJhVl_KOe5jk9qPHFuf7lfmd5CnH7ZnWxl4hzrcJqYcgi55NEwFPEBdTvlyEOt0lu8ToXkOIq8bc0lrsoel-ISOkwzkc-AiUj3gHNbeWtfwKLsbZ8oCy17fCTU_bQFdKGOkvgZWCW5-OcpQYSw3L8qjOdF5p25q8mBPHP8ejGN9qArKe50EPRZ6Cfpw0qTX3LXifGvaBJ09JQO_86q01iM7wLV9Ycw5pggAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tT7zU_xbS08fyGntb4HEbnYqsrQ%2526client%253Dca-pub-2333884060705803%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Redirect headers Date Thu, 05 Aug 2021 04:42:31 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628138551_8b97d860-f5a7-11eb-bfe3-692d0dec5663 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H/1.1	200 OK	request_content.php Show response hal900014.redintelligence.net/ Frame E0B4	4 KB 2 KB	80ms 27ms	Document text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request_content.php?s=70415300016645100951407011677014&a=8c8adc17 Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b721887d26&subid=&uid=6c5af00e5ba18121&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8488776458337917555%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_cid%3D0b1c610b-6c37-4a01-a688-35d248016165%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbaT0NmwLYdnCM7m4x_AP5JqzwA_Ph46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTIzMzM4ODQwNjA3MDU4MDPIAQmoAwGqBMUBT9CFPPOkWf8k0eCXUumFkNmOchigDCKGCAycmlWqm1FUEXo_pUgZv_GxCnzSaJkOUTpnq6mFFqoO_cwdma9IH3sRqhIaJ1E93CudeDF9dKMMerH6ivvv5hiCKOf20IXYGaGCM3rasYJkFtnmLLUJcy4NamCnSSZ80Z_O1MG5dUAIgz88ZQ1h_n8ALPxhMtrkpjVHNpyeAMdIA5AE6ziS454HEbkcC_TbCNICilbtPzB_ZUM7oprJ5CFeLAdZuiRwC89lpjCABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2GbYXcMj-UWdgKhgxJuoZqsz7F3Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D3381349681%26pi%3Dt.aa~a.315596959~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D2%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%252C612x280%26nras%3D3%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1620%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26xpc%3D7Z0yTmErq7%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D35&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=9065677921951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash 6acb702034b603b67b12dddfbdc3866358fd8d3a6741f21de0d2aba83b86ca43 Request headers Host hal900014.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://googleads.g.doubleclick.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=fa6bb8c54dcecbcb Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Thu, 05 Aug 2021 05:42:31 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1413 Connection close Content-Type text/html; charset=utf-8
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FF74	1 KB 749 B	6ms 5ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 04 Aug 2021 11:56:19 GMT expires Thu, 05 Aug 2021 11:56:19 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60372 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 1BB7	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c57f758100705b696ea257be11c6cb150c201ec1e786d6c339b46805488052c8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame FF74	35 B 462 B	37ms 30ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK52zKMLRkvSjfLg9i5He9k&google_cver=1&google_push=AYg5qPJVFfSeeueTtylarYWZpQcJ2XJtV9P2eA2hK30djkZ9fSrXuUWEuaveq1h5od2p4mYXKotBhT44Nb-5vaTO_TgG94krtu4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEI_692VHwWfd6YodN2eZwE4&google_cver=1&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij&google_hm=Q0FFU0VJXzY5MlZId1dmZ...	170 B 188 B	31ms 31ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij&google_hm=Q0FFU0VJXzY5MlZId1dmZDZZb2ROMmVad0U0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKt6zbeJRczcSVr6tAmBrjAVOPjAfDKfx9PGr2qK5Pf7P-U0v_8ETj-8MtDzxz3y3qXy8HO4wH-w2o3JK2HaXJEph_nvzij&google_hm=Q0FFU0VJXzY5MlZId1dmZDZZb2ROMmVad0U0 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPITD7xM... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA0NjY0NDU3MDE5Nw%3D%3D&google_push=AYg5qPITD7xMH635OnFzGjOBUFRKvIhcjUY7OV-pz4IkdealqIxNL9q0XRbFHoW0QsxtMI...	170 B 188 B	32ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA0NjY0NDU3MDE5Nw%3D%3D&google_push=AYg5qPITD7xMH635OnFzGjOBUFRKvIhcjUY7OV-pz4IkdealqIxNL9q0XRbFHoW0QsxtMIwgJkKkkT0CqhUbrSN5-7AVGwPsZf_S Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDUwNDQyMzEwMDA0NjY0NDU3MDE5Nw%3D%3D&google_push=AYg5qPITD7xMH635OnFzGjOBUFRKvIhcjUY7OV-pz4IkdealqIxNL9q0XRbFHoW0QsxtMIwgJkKkkT0CqhUbrSN5-7AVGwPsZf_S pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Thu, 05 Aug 2021 04:42:31 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&google_hm=6bPOm6oJwZosJGlBj2O0vg==	170 B 188 B	32ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&google_hm=6bPOm6oJwZosJGlBj2O0vg== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 05 Aug 2021 04:42:30 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJPUJq-N8vfVr2MfCIDaYUsBbAtkR3Pi6ks3OJQUFJ1W4A8BWEhNmTXJrYoeWnLU1dX99QvDSGzNA5FDiAUlyws__LaqVGI&google_hm=6bPOm6oJwZosJGlBj2O0vg== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id rn2unh6l7n3ukq3of2ucvv234nnvtg4u
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	33ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7sRpodlWxmSEUNWyvg_sUJQMlPfXgXgYJgd7Xjvt96CS1HMycR4ghqFAzz7vwDhqWPf44FJ77ixnBHfdivkHnm8crKH8N Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7sRpodlWxmSEUNWyvg_sUJQMlPfXgXgYJgd7Xjvt96CS1HMycR4ghqFAzz7vwDhqWPf44FJ77ixnBHfdivkHnm8crKH8N date Thu, 05 Aug 2021 04:42:31 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn0... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NTUItMUItQVVMTg==&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn02jMZJTTFyKHVekZhm2GO2MKw	170 B 188 B	32ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NTUItMUItQVVMTg==&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn02jMZJTTFyKHVekZhm2GO2MKw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NTUItMUItQVVMTg==&google_push=AYg5qPJPrSIMpYet8Tj9KF43fVDDsf85mh_BSN6X6-kTG8KDPtq3w5RowFPyIwWG_7B02kGujn02jMZJTTFyKHVekZhm2GO2MKw Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 704c1e4d3fcc922a3031d436b584678b Expires 0
GET		pixel cm.g.doubleclick.net/ Frame FF74 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6...	0 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame FF74	0 12 B	31ms 29ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHmxwWzDLWnqlgLFPD_R2dcgpeWsb8b7BoSXPoHSyjCmQtoS8uzEdyQIhXwEdQlokCL8JW Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=3381349681&pi=t.aa~a.315596959~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=2&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0%2C612x280&nras=3&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7Z0yTmErq7&p=https%3A//vhearts.net&dtd=35 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg Show response static.tradetracker.net/be/material_image/90/ Frame 1F61 Redirect Chain https://ti.tradetracker.net/?c=6261&m=1335741&a=289290&r=43430100013615900951407011677027&t=html https://static.tradetracker.net/be/material_image/90/dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg	5 KB 5 KB	175ms 75ms	Document image/jpeg	2600:9000:2165:c800:1a:7c92:efc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.tradetracker.net/be/material_image/90/dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:c800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e888acda3fccb187fd7c94b7dbe2c404608f01b2956e396b14169b2c9b0978f0 Request headers :method GET :authority static.tradetracker.net :scheme https :path /be/material_image/90/dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US cookie uf=gh3Dz6Azp1yDUDMmH0AXZUNxS1pTR0gzTXQzVFQrUEV2UzdUNUltVDloTmRqMGpYZUY1VlROY2c0MG0wRU0vdHo0M01KTDlIdzc5MUVuNDhiTGJNTS9qQS93YzRYRno2RW1jcmp3PT0%3D; pi=a4c580f5d8513fe26614dd564ca7b70d Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers content-type image/jpeg content-length 4831 accept-ranges bytes last-modified Thu, 03 May 2018 15:08:59 GMT server nginx date Thu, 05 Aug 2021 04:42:26 GMT etag "5aeb260b-12df" x-cache Hit from cloudfront via 1.1 a11058208b4f5061e144012483becf13.cloudfront.net (CloudFront) x-amz-cf-pop PMO50-C1 x-amz-cf-id 5wXa_AKx0EIU5FeGwUpFC62Y8BcgFJU9iOG271nzzZPv-z9sU9PN6A== age 5 Redirect headers date Thu, 05 Aug 2021 04:42:31 GMT content-type text/html; charset=UTF-8 location https://static.tradetracker.net/be/material_image/90/dc75b7a82e57e54fe52164e2cc9a7052ba37b6.jpg server nginx expires Mon, 26 Jul 1997 05:00:00 GMT cache-control no-cache, must-revalidate set-cookie uf=gh3Dz6Azp1yDUDMmH0AXZUNxS1pTR0gzTXQzVFQrUEV2UzdUNUltVDloTmRqMGpYZUY1VlROY2c0MG0wRU0vdHo0M01KTDlIdzc5MUVuNDhiTGJNTS9qQS93YzRYRno2RW1jcmp3PT0%3D; expires=Fri, 05-Aug-2022 04:42:31 GMT; Max-Age=31536000; path=/; domain=.tradetracker.net; secure; SameSite=None pi=a4c580f5d8513fe26614dd564ca7b70d; expires=Sat, 13-Nov-2021 05:42:31 GMT; Max-Age=8643600; path=/; domain=.tradetracker.net; secure; SameSite=None
GET H/1.1	200 OK	request_content.php Show response hal900027.redintelligence.net/ Frame 3160	8 KB 3 KB	83ms 29ms	Document text/html	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=b1d0410722&subid=&uid=ce03bc37bcaa9a84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5030011944517376466%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_cid%3D0a1c610b-6c37-4801-9933-d5def952acc7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCOxezNmwLYc_DMprR7gPeppr4D8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjMzMzg4NDA2MDcwNTgwM8gBCagDAaoExQFP0MAvdwJENqnonrNgpJgxIfRjehZBDrFDxdo0PZeueOWiU-Jba0WpBYm_tNbGTBDnD9PpgTGqELuSZwI3BD16jXe2DPbdIqLEzSJ7-gSK3-UvYxwxLICdwcuZcIurYb1PK6kOwwwvQRbjGEJNCsEP9zKRqAoZKprIgN5AjWILWrRvHX7In1EWR_F9H5Hnq_qaPc0xTcMzu5SUdGTmmlIVyBA9CR6tFqRi1ht1AVPs3wvP5hTOi4H0MTCFkMHUx9-Ix3eHxYAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SeikFc1FCFyKDeK75uSTRvE2_0Q%2526client%253Dca-pub-2333884060705803%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2333884060705803%26output%3Dhtml%26h%3D280%26adk%3D2073554963%26adf%3D1122717268%26pi%3Dt.aa~a.1316038043~rp.4%26w%3D612%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1628138550%26rafmt%3D1%26to%3Dqs%26pwprc%3D2198116220%26psa%3D0%26format%3D612x280%26url%3Dhttps%253A%252F%252Fvhearts.net%252Fvieclamdongnai%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1628138550782%26bpp%3D3%26bdt%3D2123%26idt%3D-M%26shv%3Dr20210802%26mjsv%3Dm202108040201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D502dbd9bbdcbdefd-226619e186c90054%253AT%253D1628138550%253ART%253D1628138550%253AS%253DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ%26prev_fmts%3D363x280%252C363x280%252C0x0%26nras%3D2%26correlator%3D2231057986897%26frm%3D20%26pv%3D1%26ga_vid%3D1080471646.1628138550%26ga_sid%3D1628138550%26ga_hid%3D805508800%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D808%26ady%3D1255%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44743417%252C20211866%252C21065725%26oid%3D3%26pvsid%3D3013204802182325%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3Dxcwvss8ZH1%26p%3Dhttps%253A%2F%2Fvhearts.net%26dtd%3D28&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fvhearts.net&random=363679877996&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 6b3becfdf9b63f2b307d51f9a3f28183f750af43675e7d016df8e3720af96fc0 Request headers Host hal900027.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://googleads.g.doubleclick.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=9c1b290e103ddb1d Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Thu, 05 Aug 2021 05:42:31 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 2401 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 28CC	43 B 702 B	56ms 54ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2653496&v=15315&q=390591&r=708169&pref1=43430100013615900951407011677027&pv=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Aug 2021 04:42:31 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 1F34	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 04 Aug 2021 11:56:19 GMT expires Thu, 05 Aug 2021 11:56:19 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60372 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 28CC	206 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 980fca612298fd6e7fc01f32773f00485910236b7a6fb047b5f800106e7964b7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	S-336x280.gif cdn.contentspread.net/24i/content/soberfb/DE/ Frame E0B4	77 KB 77 KB	99ms 29ms	Image image/gif	51.75.147.170 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=70415300016645100951407011677014&a=8c8adc17 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.75.147.170 , France, ASN16276 (OVH, FR), Reverse DNS ns3133977.ip-51-75-147.eu Software nginx / Resource Hash 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5 Request headers Referer https://hal900014.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Last-Modified Mon, 23 Jul 2018 15:19:51 GMT Server nginx ETag "5b55f217-1348d" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 78989
GET H/1.1	200 OK	viewability Show response hal900014.redintelligence.net/ Frame E0B4	0 150 B	81ms 28ms	Script text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/viewability?s=70415300016645100951407011677014&a=a2de5317&vb=m Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=70415300016645100951407011677014&a=8c8adc17 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=70415300016645100951407011677014&a=8c8adc17 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame E0B4	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK52zKMLRkvSjfLg9i5He9k&google_cver=1&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9... https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9f9pxkuhk9XbcQQnzroRdROH_HTmNJ_6KOpwYllv7A&google_hm=Zgye6Vl...	170 B 188 B	32ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9f9pxkuhk9XbcQQnzroRdROH_HTmNJ_6KOpwYllv7A&google_hm=Zgye6Vl_gvVRAtlBQTmyOA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJL50HemI_bddsXgy54Dia6N7_hdwyTO-D8g_afjrtbJUHeSgxkH9f9pxkuhk9XbcQQnzroRdROH_HTmNJ_6KOpwYllv7A&google_hm=Zgye6Vl_gvVRAtlBQTmyOA pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT cache-control private, no-cache, no-store, proxy-revalidate content-length 0 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowq... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVF0c053QUFCT1ZxZkd6Rg&google_push=AYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowqKsjxxusjC3HaEUDRLm5m3kB5hI2Q_uRkOY_ymxVmudWZ_n5dECFmbwa0	170 B 188 B	32ms 31ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVF0c053QUFCT1ZxZkd6Rg&google_push=AYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowqKsjxxusjC3HaEUDRLm5m3kB5hI2Q_uRkOY_ymxVmudWZ_n5dECFmbwa0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVF0c053QUFCT1ZxZkd6Rg&google_push=AYg5qPK9oo21KNrk8Awu0rFq2nsUyyP0nMG79CTMowqKsjxxusjC3HaEUDRLm5m3kB5hI2Q_uRkOY_ymxVmudWZ_n5dECFmbwa0 Date Thu, 05 Aug 2021 04:42:31 GMT Server Apache Connection keep-alive Content-Length 390 Content-Type text/html; charset=iso-8859-1
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 1F34	43 B 106 B	25ms 24ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK53EXc2c4-RhvFHLQZaWig&google_push=AYg5qPKH1F7yA6LmproLlrbkBNhI-8uulZAvDTeFh_vTMaMB8cV3ACT1FtN_aytK5KLbsOsQy7CZkmjrlcV2OwRWaSM1qngXwOU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w https://rtb.openx.net/sync/dds?google_gid=CAESEFdShOY_7NyHU3QG7w17Nhg&google_cver=1&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&google_hm=VXc2SHzkwCYnTi-3HV0kPw==	170 B 188 B	33ms 33ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&google_hm=VXc2SHzkwCYnTi-3HV0kPw== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 05 Aug 2021 04:42:30 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFBld4maYALjLIKpTWYNOiwcIX3I8TNvgxCSXwaHq7YopuxHQ3fPrv-ZFJ6a30gyY0xpoLmurPMftNm9PzKfTfyaZHl6w&google_hm=VXc2SHzkwCYnTi-3HV0kPw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id efqr85p6ueg6bbijrle598ruttfdqq73
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	33ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJnNr5qf8g-F1qG_GDcfdg7UoPpxx31XAgqCjjGlajxa_HhBfJFOupDq-W1P08ZmOj1aY2W3f-qwgF2qpTfT_5GwhtrVw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QJJ5H9foSSeFGkEmhv3v7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJnNr5qf8g-F1qG_GDcfdg7UoPpxx31XAgqCjjGlajxa_HhBfJFOupDq-W1P08ZmOj1aY2W3f-qwgF2qpTfT_5GwhtrVw date Thu, 05 Aug 2021 04:42:30 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGR9awP-Y2T9qg0lKmbLTWM&google_cver=1&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMS... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NVFktMVktNUdURw==&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMSLSQxOlCe1mUC7nSkaBLD3RUo	170 B 188 B	33ms 32ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NVFktMVktNUdURw==&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMSLSQxOlCe1mUC7nSkaBLD3RUo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JZRk5NVFktMVktNUdURw==&google_push=AYg5qPJIXUIVMoJTmTDqrEuV2twA8t2mgPaH_e1kmCerl6RERB5Oi7-Tq-TSvteKc74BnkEcoMSLSQxOlCe1mUC7nSkaBLD3RUo Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 704c1e4d3fcc922a3031d436b584678b Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 1F34 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqws...	0 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 1F34	0 12 B	31ms 30ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILHSuZoVEgF6xZ4X8Y5C4EaFSAo3-4DsRezen2LwVtQz-lRZb9WB-pXs2jCZ9U4kWFTqMC Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2333884060705803&output=html&h=280&adk=2073554963&adf=1122717268&pi=t.aa~a.1316038043~rp.4&w=612&fwrn=4&fwrnh=100&lmt=1628138550&rafmt=1&to=qs&pwprc=2198116220&psa=0&format=612x280&url=https%3A%2F%2Fvhearts.net%2Fvieclamdongnai&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628138550782&bpp=3&bdt=2123&idt=-M&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D502dbd9bbdcbdefd-226619e186c90054%3AT%3D1628138550%3ART%3D1628138550%3AS%3DALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ&prev_fmts=363x280%2C363x280%2C0x0&nras=2&correlator=2231057986897&frm=20&pv=1&ga_vid=1080471646.1628138550&ga_sid=1628138550&ga_hid=805508800&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44743417%2C20211866%2C21065725&oid=3&pvsid=3013204802182325&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xcwvss8ZH1&p=https%3A//vhearts.net&dtd=28 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	css fonts.googleapis.com/ Frame 3160	4 KB 648 B	23ms 22ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 05 Aug 2021 03:45:37 GMT server ESF date Thu, 05 Aug 2021 04:42:31 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 05 Aug 2021 04:42:31 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 3160	16 KB 16 KB	153ms 98ms	Image image/png	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52703/creativesup/sfeerbanner_1200x672.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash 59ff345ba67b8c3070bfd0ee29c2538f75221073c408cf6da2ad3b59d696b1d5 Request headers Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16264 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 3160	14 KB 14 KB	156ms 102ms	Image image/png	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/24517/creativesup/banner-1200x627-2.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash 1ab9fc799225e4f73dd6005abfb5ce7d3408b8f51a5766f302527bed50f47abb Request headers Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:31 GMT Content-Encoding gzip Server Apache Connection close Content-Length 14597 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	viewability Show response hal900027.redintelligence.net/ Frame 3160	0 150 B	522ms 30ms	Script text/html	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/viewability?s=43430100013615900951407011677027&a=a3cd3175&vb=m Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 04:42:32 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	/ Show response ti.tradetracker.net/ Frame 3160	434 B 914 B	67ms 67ms	Script text/javascript	52.213.43.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=43430100013615900951407011677027&amp;t=js&amp;wid=tt-79c2cd Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.43.222 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-43-222.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 737117090925bbe45ad32c57e53975c45416252f19e82209ceed3555da1e7eb7 Request headers Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT cache-control no-cache, must-revalidate expires Mon, 26 Jul 1997 05:00:00 GMT server nginx content-type text/javascript; charset=UTF-8
GET H3-29	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame 3160	16 KB 16 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900027.redintelligence.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:54:23 GMT x-content-type-options nosniff age 211688 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15948 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:32 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Aug 2022 17:54:23 GMT
GET H3-29	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame 3160	16 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900027.redintelligence.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 13:27:21 GMT x-content-type-options nosniff age 141310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16112 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:09 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 13:27:21 GMT
GET H2	200	icon.png Show response vhearts.net/themes/wondertag/img/	26 KB 26 KB	1589ms 1588ms	XHR image/png	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/themes/wondertag/img/icon.png Requested by Host: vhearts.net URL: https://vhearts.net/themes/wondertag/javascript/qrcode.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash 965dce9df441715b933acdf9e9ff844c22c2edd432414ddb5b9b4b781028bb8d Request headers :path /themes/wondertag/img/icon.png pragma no-cache cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1; _ga=GA1.2.1080471646.1628138550; _gid=GA1.2.1648563138.1628138550; _gat_gtag_UA_143895203_1=1; __gads=ID=502dbd9bbdcbdefd-226619e186c90054:T=1628138550:RT=1628138550:S=ALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Referer https://vhearts.net/vieclamdongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:36 GMT last-modified Sun, 27 Jun 2021 11:56:52 GMT server Apache content-type image/png cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes content-length 26687 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg static.tradetracker.net/nl/material_image/49/ Frame 3160 Redirect Chain https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=43430100013615900951407011677027&t=html https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg	13 KB 13 KB	82ms 81ms	Image image/jpeg	2600:9000:2165:c800:1a:7c92:efc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=43430100013615900951407011677027&a=7d838ea1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:c800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b Request headers Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:31 GMT via 1.1 a11058208b4f5061e144012483becf13.cloudfront.net (CloudFront) last-modified Thu, 16 Mar 2017 08:27:46 GMT server nginx x-amz-cf-pop PMO50-C1 etag "58ca4c82-335a" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 13146 x-amz-cf-id hQEHxzCnDuGHecwQiXY6yWHjOmlQWERecGzQNcPbJXJcBECBG2nguw== Redirect headers location https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg date Thu, 05 Aug 2021 04:42:31 GMT cache-control no-cache, must-revalidate server nginx content-type text/html; charset=UTF-8 expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated /	26 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 965dce9df441715b933acdf9e9ff844c22c2edd432414ddb5b9b4b781028bb8d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	61 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1de6c8c1eca7b89760bd0a6490705f4589726824880c0d64736a697bc3a01d51 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3-29	200	css fonts.googleapis.com/ Frame B259	6 KB 685 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Requested by Host: y2be.net URL: https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://y2be.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 05 Aug 2021 03:44:51 GMT server ESF date Thu, 05 Aug 2021 04:42:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 05 Aug 2021 04:42:34 GMT
GET H2	200	styles.bd1b100edc4a44659421.css y2be.net/music/client/ Frame B259	109 KB 15 KB	499ms 198ms	Stylesheet text/css	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/client/styles.bd1b100edc4a44659421.css Requested by Host: y2be.net URL: https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash 6d830bc305d14f34c6da88a5d8422f8913476e0ebc9f6247b9d0e05c37de9bd3 Request headers Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:35 GMT content-encoding br last-modified Tue, 25 May 2021 16:26:56 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 15290 expires Thu, 12 Aug 2021 04:42:35 GMT
GET H2	200	runtime-es2015.7514a0b0211d92f4399d.js Show response y2be.net/music/client/ Frame B259	3 KB 1 KB	678ms 377ms	Script application/javascript	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/client/runtime-es2015.7514a0b0211d92f4399d.js Requested by Host: y2be.net URL: https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash 5998909e4f6aeebe040b74fc9744602d0846e22eab3b11c5a4b6e0c6b935665b Request headers Origin https://y2be.net Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:35 GMT content-encoding br last-modified Tue, 25 May 2021 16:26:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 1279 expires Thu, 12 Aug 2021 04:42:35 GMT
GET H2	200	polyfills-es2015.394385f3043280af1d7f.js Show response y2be.net/music/client/ Frame B259	65 KB 21 KB	679ms 378ms	Script application/javascript	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/client/polyfills-es2015.394385f3043280af1d7f.js Requested by Host: y2be.net URL: https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash b90cb74803d253ddb0ffc93bec9501bcca3b860132784d463a1c1b6608adc910 Request headers Origin https://y2be.net Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:35 GMT content-encoding br last-modified Tue, 25 May 2021 16:26:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 21599 expires Thu, 12 Aug 2021 04:42:35 GMT
GET H2	200	main-es2015.a0aef30887b5ce6f2fc5.js Show response y2be.net/music/client/ Frame B259	2 MB 397 KB	681ms 380ms	Script application/javascript	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/client/main-es2015.a0aef30887b5ce6f2fc5.js Requested by Host: y2be.net URL: https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash ea915d6cbc0ee719f5ea33a90f6d36fb3b09e1882b46b090bf2e1cf16bbb10b0 Request headers Origin https://y2be.net Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:35 GMT content-encoding br last-modified Tue, 25 May 2021 16:26:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 406095 expires Thu, 12 Aug 2021 04:42:35 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/ Frame B259	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://y2be.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 18:26:24 GMT x-content-type-options nosniff age 209771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Aug 2022 18:26:24 GMT
GET H3-29	200	13 Show response y2be.net/music/secure/albums/ Frame B259	9 KB 2 KB	5651ms 5650ms	XHR application/json	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/secure/albums/13?autoUpdate=true&defaultRelations=true Requested by Host: y2be.net URL: https://y2be.net/music/client/polyfills-es2015.394385f3043280af1d7f.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash de51ae4ff8adce04d7e233fec1c4e3aac0576d8966388824fa33eda16390e27c Request headers Accept application/json, text/plain, */* Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:41 GMT content-encoding br server LiteSpeed cache-control no-cache, private vary Accept-Encoding content-type application/json
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	18ms 17ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210802&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 39451598447352bc00a1543b64d9bc6c9f366be6bdcafd1e1fa0f51be947b25f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Aug 2021 04:42:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8631 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2333884060705803&plah=vhearts.net Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:36 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Thu, 05 Aug 2021 04:42:36 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame E4F4	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Wed, 04 Aug 2021 20:17:15 GMT expires Thu, 04 Aug 2022 20:17:15 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 30321 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 02D3	783 B 533 B	17ms 17ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0387bb3e80198204254b68f3d6dd470b09f18eb41b7d8ea65a9e3846fa8d84d5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-hXNksXcNgjHCSBhDLC5mGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vhearts.net/ accept-encoding gzip, deflate, br accept-language en-US cookie NID=220=V2iIe7R7j3tziCfoprs0djyAv91KTrVOiZcnLYf85Y9svUu-sU73KjftMpyn7-K7ubJxG9H5oShDlGnka5Zyy-nNcQgOd1waeYq2vulq-n5Fikht_vrGmVdIDi8yJz-cMznIwQh95xy_ylfOZNCbJpoHQ2H4jQVCljbwPY0SqUw Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://vhearts.net/ Response headers expires Thu, 05 Aug 2021 04:42:36 GMT date Thu, 05 Aug 2021 04:42:36 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-hXNksXcNgjHCSBhDLC5mGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response pagead2.googlesyndication.com/bg/ Frame E4F4	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 04 Aug 2021 10:59:29 GMT content-encoding br x-content-type-options nosniff age 63787 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13202 x-xss-protection 0 last-modified Mon, 26 Jul 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 04 Aug 2022 10:59:29 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	28ms 28ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210802&jk=3013204802182325&bg=!-fql-r7NAAals0SOpbM7ACkAdvg8WulyMEJ5AmLkDSwrfPV87rLrCDokJRXcgjHnEgft7XkWWbtFGgIAAABWUgAAAAxoAQcKAANB3NCZAne-gQim8PJH7POnJ3tmblsR_XQ86bhSnkWQVvAlWtKc_VnWAOTYfPIVBZQtLXQ-BYjTu_OmfyZmlua55oRsP-bvrr79L7bDnkjw5oibbpqeKjq-W2j6NoRaJonP_9tFYifwB6-8IhYBSnlGHia0G7fNABp02Mzn5hmiUuEel8CV8Lef36yW2zzOi9fIjgY6EdAPSBDD5QtaB1XqZbllB9GPce56J1v0VELEDLXX8JnL_bUJjxClTCNi7yqxF6bb1H8MHyWpVkgoS7DPafZLYONVdTVToTnITbNvG7WVfrB3cZDeAM0KatA31lXHxGaRkjBr--riTCq3wcL453mF6JRHHQjF_7vZotoHVkMVWD5WJxY5Knt5xFHSwVkPpMOx81op74RZDYohgLFVfvKKZ4BVn3jslQDHH9fgjUL5rT34nzVgT-qQaqhW0Z6rZuG3a3F5Tdoy8o47V-q_cQR_P9d57gCYw18Wl-xPAO_BZk9Rcv1vNZkq68m-gROlgFSq0AwEnFw2WKbAoQ-tviNRgkfm4joUYCluuJ7p7i1LFWMn-QXo_JAwLVzRD7p4pUpBlFSq0rYL-mtlvlTaHWB-QGNnDiGGujPbdppItLNao0b0Dxn8TedPQd2QOtaAbpbJIdFFUfA0q8IdGOpyC1_M86rFQxMRdtxI0e1GkwUp6EUb39wwTWNVCRvrWQ5-lIX2PgvYLzacRIShCj56S1jUpIowdUXABQ4iOSkr2uXI0jcCAdyMalb92p8Mrhikv5nFDqtCp3pm3swDaN6tXOqm7oltrUqkw5NtVPZfcxbOhlUuyh_7nEKh0m_4sYJbcqoy0YSxnS7tRCBX Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vhearts.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 05 Aug 2021 04:42:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	requests.php Show response vhearts.net/	35 B 170 B	946ms 946ms	XHR text/html	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550146 Requested by Host: vhearts.net URL: https://vhearts.net/themes/wondertag/javascript/jquery-3.1.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash abfeb3db6321035b5f442a87af963bfb1350f522cf6ba580edbd486c1521d09d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language en-US x-requested-with XMLHttpRequest sec-fetch-dest empty cookie PHPSESSID=opmrogrvol8qc47cqa6hluqapb; ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; _us=1628224951; mode=day; access=1; src=1; _ga=GA1.2.1080471646.1628138550; _gid=GA1.2.1648563138.1628138550; _gat_gtag_UA_143895203_1=1; __gads=ID=502dbd9bbdcbdefd-226619e186c90054:T=1628138550:RT=1628138550:S=ALNI_MYxMYTvC8m9lxTEqU5s7PxQLmT4eQ :path /requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550146 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority vhearts.net referer https://vhearts.net/vieclamdongnai :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://vhearts.net/vieclamdongnai X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache no-cache date Thu, 05 Aug 2021 04:42:40 GMT content-encoding gzip vary Accept-Encoding server Apache x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control max-age=846000 max-age=0, no-cache, no-store, must-revalidate set-cookie _us=1628224960; expires=Sun, 03-Aug-2031 04:42:40 GMT; Max-Age=315360000 content-length 55 expires Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	merged.svg Show response y2be.net/music/client/assets/icons/ Frame B259	41 KB 10 KB	201ms 200ms	XHR image/svg+xml	172.96.185.191 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://y2be.net/music/client/assets/icons/merged.svg?v3 Requested by Host: y2be.net URL: https://y2be.net/music/client/polyfills-es2015.394385f3043280af1d7f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.185.191 , Canada, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS 172.96.185.191-static.reverse.arandomserver.com Software LiteSpeed / Resource Hash 3e39ad141896a682abfb1436fc7937c3460aceece7dffaf584dffa1f6ad924f1 Request headers Accept application/json, text/plain, */* Referer https://y2be.net/music/album/13/mrsiro/tuyen-tap-nhung-bai-hat-hay-nhat-cua-mr-siro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 04:42:41 GMT content-encoding br last-modified Tue, 25 May 2021 16:26:56 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 10595 expires Thu, 12 Aug 2021 04:42:41 GMT
GET DATA	200 OK	truncated / Frame B259	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/ Frame B259	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://y2be.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 17:17:27 GMT x-content-type-options nosniff age 127514 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 17:17:27 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/ Frame B259	11 KB 12 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://y2be.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 03 Aug 2021 09:15:18 GMT x-content-type-options nosniff age 156443 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11768 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:42 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Aug 2022 09:15:18 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/ Frame B259	12 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://y2be.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 31 Jul 2021 03:14:43 GMT x-content-type-options nosniff age 437278 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:33 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Jul 2022 03:14:43 GMT
GET H2	200	requests.php Show response vhearts.net/	35 B 632 B	330ms 330ms	XHR text/html	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550147 Requested by Host: vhearts.net URL: https://vhearts.net/themes/wondertag/javascript/jquery-3.1.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash abfeb3db6321035b5f442a87af963bfb1350f522cf6ba580edbd486c1521d09d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :path /requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550147 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority vhearts.net x-requested-with XMLHttpRequest :scheme https sec-fetch-site same-origin referer https://vhearts.net/vieclamdongnai :method GET Accept */* Referer https://vhearts.net/vieclamdongnai X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache no-cache date Thu, 05 Aug 2021 04:42:46 GMT content-encoding gzip vary Accept-Encoding server Apache x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control max-age=846000 max-age=0, no-cache, no-store, must-revalidate set-cookie PHPSESSID=88084f0jrhob9f0f1kbp2s49v7; path=/; HttpOnly ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:46 GMT; Max-Age=315360000 ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:46 GMT; Max-Age=315360000 _us=1628224966; expires=Sun, 03-Aug-2031 04:42:46 GMT; Max-Age=315360000 _us=1628224966; expires=Sun, 03-Aug-2031 04:42:46 GMT; Max-Age=315360000 mode=day; expires=Sun, 03-Aug-2031 04:42:46 GMT; Max-Age=315360000; path=/ access=1; expires=Fri, 06-Aug-2021 04:42:46 GMT; Max-Age=86400; path=/ content-length 55 expires Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	requests.php Show response vhearts.net/	35 B 630 B	333ms 333ms	XHR text/html	27.72.72.31 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://vhearts.net/requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550148 Requested by Host: vhearts.net URL: https://vhearts.net/themes/wondertag/javascript/jquery-3.1.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 27.72.72.31 Haiphong, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS dynamic-adsl.viettel.vn Software Apache / Resource Hash abfeb3db6321035b5f442a87af963bfb1350f522cf6ba580edbd486c1521d09d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :path /requests.php?hash=4622d255cee027c26a5f&f=update_data&user_id=6459&before_post_id=42547&check_posts=false&hash_posts=false&_=1628138550148 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority vhearts.net x-requested-with XMLHttpRequest :scheme https sec-fetch-site same-origin referer https://vhearts.net/vieclamdongnai :method GET Accept */* Referer https://vhearts.net/vieclamdongnai X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache no-cache date Thu, 05 Aug 2021 04:42:51 GMT content-encoding gzip vary Accept-Encoding server Apache x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control max-age=846000 max-age=0, no-cache, no-store, must-revalidate set-cookie PHPSESSID=tjtqu99sqmkaimbbfnjkftsnh3; path=/; HttpOnly ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:51 GMT; Max-Age=315360000 ad-con=%7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2021-08-05%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D; expires=Sun, 03-Aug-2031 04:42:51 GMT; Max-Age=315360000 _us=1628224971; expires=Sun, 03-Aug-2031 04:42:51 GMT; Max-Age=315360000 _us=1628224971; expires=Sun, 03-Aug-2031 04:42:51 GMT; Max-Age=315360000 mode=day; expires=Sun, 03-Aug-2031 04:42:51 GMT; Max-Age=315360000; path=/ access=1; expires=Fri, 06-Aug-2021 04:42:51 GMT; Max-Age=86400; path=/ content-length 55 expires Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_push=AYg5qPJaQ65VCBjNq6EAE15Hv6zGg5ySMWJSP_tKn8an7wOZd43cpggPoh0UDtxr-dS2BTp--JI_IAr5vV89lCACxTHDVVot-hlR&google_cver=1

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE&google_cver=1&google_push=AYg5qPKj9t2NcbFY6WB_fpXbroY6xd1JbuwH6GKlhHBQRYE12oUvMIMNFRaolzzHVkyZFcKAuo1c2exK0vJFHBEAezLb66A__U0i

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQtsN3LMUtVBgR5TZlghMgAABLcAAAIB&google_cver=1&google_push=AYg5qPI5Gxqa88ef3e0f6pRF4JankDe79kEyqL6K1nIWHKoQ_DUjRUZDbufhikaPux_8WNMZtqwsfE5K2PRcxckYgec-9tYe-Q&google_gid=CAESELWomVOvoUa9OAFlmZPfHQE