hiepreview.com Open in urlscan Pro
171.244.32.208 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hiepreview.com/
Submission: On August 02 via manual (August 2nd 2023, 6:30:32 am UTC) from VN — Scanned from PT

Summary HTTP 123 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 22 domains to perform 123 HTTP transactions. The main IP is 171.244.32.208, located in Hanoi, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is hiepreview.com.
TLS certificate: Issued by R3 on June 18th 2023. Valid for: 3 months.

This is the only time hiepreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	171.244.32.208 171.244.32.208	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
15	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
24	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
3	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
5	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 5	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	91.228.74.159 91.228.74.159	16509 (AMAZON-02) (AMAZON-02)
1	89.207.16.140 89.207.16.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.192.153.28 23.192.153.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.120.19.63 3.120.19.63	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.212.161.120 52.212.161.120	16509 (AMAZON-02) (AMAZON-02)
1	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	13.41.219.205 13.41.219.205	16509 (AMAZON-02) (AMAZON-02)
123	22

34 171.244.32.208 (Hanoi, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

hiepreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.159 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.153.28 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.19.63 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-63.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.161.120 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.219.205 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-219-205.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	534 KB
34	hiepreview.com hiepreview.com	618 KB
23	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	177 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	110 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	225 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	4 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 980	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1361	452 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 623	725 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 755	924 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 802	797 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1788	296 B
1	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 5207	125 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466	713 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 862	716 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2157	173 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3556	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	607 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1914	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	88 KB
123	22

	Domain	Requested by
34	hiepreview.com	hiepreview.com
24	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	hiepreview.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	d5p.de17a.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	hiepreview.com
123	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
hiepreview.com R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://hiepreview.com/
Frame ID: 2C9B14D660BAE6462EDB3230471D523D
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Frame ID: 66AACF5236AD8D685CACE5477D3D3EF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&adk=1812271804&adf=3025194257&lmt=1690932803&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhiepreview.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957827321&bpp=10&bdt=1772&idt=480&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3300933183665&frm=20&pv=2&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508
Frame ID: D55E9A46CFB4A1281E7A99AFF85BA6FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=1083277721&adf=1520883492&pi=t.aa~a.3070471706~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957827331&bpp=2&bdt=1782&idt=506&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=21o1koGElm&p=https%3A//hiepreview.com&dtd=509
Frame ID: 81F74BB7DA90A839A6357E066AADB88D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=3149455797&pi=t.aa~a.1477776772~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=7&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3k4mstnbYq&p=https%3A//hiepreview.com&dtd=28
Frame ID: 445700DFBC2A5967D5ED956C62806F2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32
Frame ID: 6D2EAC254A2374DC8F7C1F1343F377AD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
Frame ID: BA14711E1F92E12CE2541CE34BEDC535
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1
Frame ID: 25A2A7F8EAA2557802AE1ABA222CD0B5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1
Frame ID: A4D244A9D502D206D5445996E959A6E8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 150FC3CF55DE0FB1481A2F34172C3A2D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: F87A8AF3550D6C5293204173C031C57A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4F656D275900758F57994A50EE3B4FCB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 125E7A6DC0867C4C58F1037BC75E8EB9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFB117E2F98BA256A003527A133AD8BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F4B1D0CE46E916104082272DC4D9A8C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 2DAA4E2FAC4B0743B0282B6D5372C0F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: EB35E9B9CB18DC945BB9EA6B6DE9A6F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 77F6EBFADE84EC4FEA6EE2D4F48D1093
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88FEAA1A157990481D7799F28D803055
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 028A4732D398D0BC8C32BD374B7E8D61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hiệp Review - Cộng đồng đánh giá, tư vấn sản phẩm mới

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

123
Requests

95 %
HTTPS

0 %
IPv6

22
Domains

25
Subdomains

22
IPs

8
Countries

1760 kB
Transfer

4212 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Hiepreview-111495204716433
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC1-GaCYfo-JdtBlqdVmzFcA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/HiepReview
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/in/hiep-review
Title: Linkedin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGGG6LYqSG9MLB22-mYAo2dRcchrRhjWOIG_taJ6fK42VM5f-Qb28klTY8NTCceuhs82IL3AJyjzUBuhhWVCjlYUbKDLOdnqlw&google_gid=CAESEHAaQS49GllHJhzM7MnWkN8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIXwp6YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BYUFPUUdHRzZMWXFTRzlNTEIyMi1tWUFvMmRSY2NoclJoaldPSUdfdGFKNmZLNDJWTTVmLVFiMjhrbFRZOE5UQ2NldWhzODJJTDNBSnlqelVCdWhoV1ZDamxZVWJLRExPZG5xbHc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXZWUkstS3VQejJibUNxNHRpa2VST3VTOHc4X1IxV2FHTzRPOWgyWWsyYw==&google_push

Request Chain 117

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOOGP18-EyznonC0DRa7Q34&google_cver=1&google_push=AaAOQGGih2ZmmFPaRODoAstNxOHCkeH9YkVwvEqnQaMOB8zdImgnhdYmz6LzHx_HuCowDLsz7vTgKA7MwBPioRzkirzRuRKUFH1sruHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGih2ZmmFPaRODoAstNxOHCkeH9YkVwvEqnQaMOB8zdImgnhdYmz6LzHx_HuCowDLsz7vTgKA7MwBPioRzkirzRuRKUFH1sruHc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 138

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECusu4L8gVgD3VEdFCOVbpg&google_cver=1&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1ESm6OMUykDEbcpEQTFUKf7g-_I_0OvZb41bEAv20gGPg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1ESm6OMUykDEbcpEQTFUKf7g-_I_0OvZb41bEAv20gGPg&google_hm=inTvOJIreYNL_MAkQdXUWg

Request Chain 139

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRPMizZ5B1xC12_906b7TAvu1ZUM9XufcWe1PjwkCGcFh43QuX1bM4cUZg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRPMizZ5B1xC12_906b7TAvu1ZUM9XufcWe1PjwkCGcFh43QuX1bM4cUZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cjRHalUzY3cxUXI1bm81&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRPMizZ5B1xC12_906b7TAvu1ZUM9XufcWe1PjwkCGcFh43QuX1bM4cUZg

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEDQlPEt4NsRA61b96ke_M1w&google_cver=1&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DIeQgFdQYEtiedvfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2538E236BCF24ABEBBF0F26F73F02CBC&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DIeQgFdQYEtiedvfw

Request Chain 141

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKc-M11DD6GrtsO0mlpEfvs&google_cver=1&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3CwFLJXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3CwFLJXA&google_hm=eS1feWh5Mk5aRTJwSGc3dkNKaHQ0UTc4MFFZblRoR0JINn5B

123 HTTP transactions
29 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hiepreview.com/ 107 KB
18 KB 2620ms
371ms Document
text/html 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 / PHP/7.4.30
Resource Hash: 1ba654ddd74ed0397ffdbd8115233dc41821bc3a553a5e5cd06d5b1d055cac9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-encoding: gzip
content-length: 18138
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 06:25:44 GMT
last-modified: Tue, 01 Aug 2023 23:33:23 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.30

GET
H2 200 style.min.css
hiepreview.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 365ms
364ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:13:42 GMT
server: Apache/2
etag: "17ced-6002ca5ece230-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 12736

GET
H2 200 classic-themes.min.css
hiepreview.com/wp-includes/css/ 291 B
295 B 352ms
350ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:13:42 GMT
server: Apache/2
etag: "123-6002ca5ec3268-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 210

GET
H2 200 styles.css
hiepreview.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 2 KB
935 B 637ms
635ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1690431737
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 88f21490128244f54a38864c301f0c9be49f323f6da36c5f5a6bd02175647ada

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 04:22:17 GMT
server: Apache/2
etag: "926-601704f409f40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 883

GET
H2 200 kk-star-ratings.min.css
hiepreview.com/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
667 B 656ms
654ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.5
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:12:03 GMT
server: Apache/2
etag: "8d3-6002ca00be0f0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 593

GET
H2 200 widget-options.css
hiepreview.com/wp-content/cache/min/1/wp-content/plugins/widget-options/assets/css/ 2 KB
413 B 637ms
636ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/cache/min/1/wp-content/plugins/widget-options/assets/css/widget-options.css?ver=1690431737
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: d6ae51988d4acf5826e2df60e9a1537f52f4d616a9e72f6d6101a12cc05aa9bc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 04:22:17 GMT
server: Apache/2
etag: "6bf-601704f40ba98-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 361

GET
H2 200 fl-icons.css
hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/ 624 B
237 B 638ms
636ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=1690431737
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 947dfb7e53be67e842377d5b82d2cbff3476327ee03ca883b76d3855ccb63dfc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 04:22:17 GMT
server: Apache/2
etag: "270-601704f40ca38-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 186

GET
H2 200 flatsome.css
hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/ 168 KB
31 KB 488ms
487ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/flatsome.css?ver=1690431737
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: b60668211c903c2fd005b23c6c0f35903b6a0c1d0234e3f3663eef60ea297d62

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 04:22:17 GMT
server: Apache/2
etag: "2a063-601704f411c40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 31383

GET
H2 200 style.css
hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome-child/ 12 KB
3 KB 656ms
655ms Stylesheet
text/css 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/cache/min/1/wp-content/themes/flatsome-child/style.css?ver=1690431737
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 5d6d5e1e2eb3fa153cb25befa6ebf31010703d5ba19ce40b2029e7507528e2ef

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 04:22:17 GMT
server: Apache/2
etag: "319c-601704f4133b0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 3180

GET
H2 200 jquery.min.js Show response
hiepreview.com/wp-includes/js/jquery/ 88 KB
30 KB 638ms
637ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:13:43 GMT
server: Apache/2
etag: "15ed7-6002ca5f48350-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 31049

GET
H2 200 jquery-migrate.min.js Show response
hiepreview.com/wp-includes/js/jquery/ 13 KB
5 KB 437ms
437ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:13:43 GMT
server: Apache/2
etag: "3470-6002ca5f48738-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4795

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 846ms
135ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3736689899706280

Requested by

Host: hiepreview.com
URL: https://hiepreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5770c10daf8b5dc44e5e2a7138de746411af0263ed6a0dc3bc4e286f0ed22db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Origin: https://hiepreview.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51005
x-xss-protection: 0
server: cafe
etag: 4866936337959678929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 809ms
100ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1FYPHZY4FB

Requested by

Host: hiepreview.com
URL: https://hiepreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b3e5f0eae44afeb58509405bc897b184e6c381e954bb770f070f17529ceee1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89412
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 06:30:27 GMT

GET
H2 200 script.min.js Show response
hiepreview.com/_private/static/ 394 B
445 B 436ms
436ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/_private/static/script.min.js
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: /
Resource Hash: b00c2d796ad8b3433057676a4212f1d7068122828273eee590a3358e6e1e7067

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:44 GMT
last-modified: Mon, 31 Jul 2023 12:35:25 GMT
accept-ranges: bytes
content-length: 394
content-type: application/javascript

GET
H2 200 index.js Show response
hiepreview.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 507ms
505ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:11:53 GMT
server: Apache/2
etag: "2801-6002c9f684df0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3010

GET
H2 200 index.js Show response
hiepreview.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 507ms
505ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:11:53 GMT
server: Apache/2
etag: "328f-6002c9f6878e8-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4182

GET
H2 200 kk-star-ratings.min.js Show response
hiepreview.com/wp-content/plugins/kk-star-ratings/src/core/public/js/ 1 KB
792 B 646ms
644ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.5
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:12:03 GMT
server: Apache/2
etag: "54f-6002ca00c0418-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 741

GET
H2 200 hoverIntent.min.js Show response
hiepreview.com/wp-includes/js/ 1 KB
804 B 386ms
384ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Sat, 19 Nov 2022 13:28:42 GMT
server: Apache/2
etag: "5db-5edd2cd031680-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 706

GET
H2 200 flatsome.js Show response
hiepreview.com/wp-content/themes/flatsome/assets/js/ 156 KB
44 KB 541ms
540ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.3
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: a2721a86e102d7ce2db2b5763901617fa1380e35d0cd29f28e4d73376bc65f97

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 04:01:18 GMT
server: Apache/2
etag: "27116-5d0cbdc637f80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 45328

GET
H2 200 flatsome-wp-rocket.js Show response
hiepreview.com/wp-content/themes/flatsome/inc/integrations/wp-rocket/ 976 B
427 B 539ms
538ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 9f877e9e23e0846f17f6ff2d31b6c96985d53691cc96de22f937f390bcabd79f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 04:01:54 GMT
server: Apache/2
etag: "3d0-5d0cbde88d080-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 352

GET
H2 200 flatsome-live-search.js Show response
hiepreview.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
5 KB 513ms
511ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.3
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 04:01:52 GMT
server: Apache/2
etag: "3e04-5d0cbde6a4c00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 5106

GET
H2 200 frontend.min.js Show response
hiepreview.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
5 KB 501ms
500ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:11:55 GMT
server: Apache/2
etag: "5b89-6002c9f9253c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 5406

GET
H2 200 lazyload.min.js Show response
hiepreview.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 333ms
332ms Script
application/javascript 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiepreview.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 02:12:25 GMT
server: Apache/2
etag: "22bc-6002ca157d950-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3053

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e87ad7e5a70aec3b07b2c129c24902c23a8271204d587995833a82f41d999603

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6769e8c316ee298768aeb036b41b78bcf1198b02742e5fd70648c16954f53aa

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a7be7f1ad956a7afceaacdcf1a94eefdf6a1102dd1525c3c2df215012bfc8a7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60247285676eba403ab989dea9febd60aebb2f7138795bd7f184dfdf71bbbeae

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e5308d8cac8eff9f6db9746a719a946e6a8c269a1bc3c2df0b9d407c0830c4b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c56e27e11411a51172713ae275e61eae1f6c6440730afcb14fa92c9dcce1849d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c68c00a06ce866dfca4db448597b045e25d83a6c3e4524f1f8b6383c662616c6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ce41013884ad91288b2598001a775ee8cf40264b9d704ff17ba57aba2acdaf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2ef05e7b186ac02978053f7c4bbe4ce735b5011b7fa9ead7ef448c1067b202e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7820ec49b1f8e7160afc856bc440b30bac758d9195888c127e79463d19abab3e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94c684bed51d422956e9ad5e96039764a8cc94a24016b895c60bd30c0d3dee9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385e0f472666744d94c9649163327b10f5ec4389b4e070d82f7cbf68a8c8ca6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e405248043b491ffd875efa95da38e29026023088329f3b527bfb0a25d9fa2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fbc3acbf07d1022650a2a6ba9588b0bf23753c5777bf39bdd57dd504b8a1ea7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c97fe99a17266eb6db3fff97b640fcca7d6799126f979ee4d1d03ede91ceffd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d04a45868199c2eff13acfc1e62cf62ae70131fa42e742522351b0f9ad110a0f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f723231b1a6583adfb3540ce455ae45e18842b72b377e18069691f5e5e947b3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 907b06f0d2bfdd8a9a9668815251e2402c67ee48907f02917ae9dee758002f0b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4832361d3ef352af462e99cac31edf44d496b3dd5361a0a22888df72456fc4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06cdade44dac88d41cabcbe75e94a5d99a4a6ac6f568471679e05220fe4f4e0a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1.png
hiepreview.com/wp-content/uploads/2021/12/ 9 KB
9 KB 351ms
350ms Image
image/png 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2021/12/1.png
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 909af442dc5a4603891953285b74702c653495cb4730a64773f4ea87d40e8466

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Thu, 09 Dec 2021 09:49:00 GMT
server: Apache/2
accept-ranges: bytes
etag: "245a-5d2b3840d5b00"
content-length: 9306
content-type: image/png

GET
H2 200 1-19-300x272.jpg
hiepreview.com/wp-content/uploads/2023/04/ 24 KB
24 KB 355ms
353ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/04/1-19-300x272.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 976841b3918648b91b12c95b14e011cc7bc3d2ccd35544766dbd4d283812124c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Sun, 09 Apr 2023 11:03:00 GMT
server: Apache/2
accept-ranges: bytes
etag: "5e3c-5f8e5339901d0"
content-length: 24124
content-type: image/jpeg

GET
H2 200 1-16-300x300.jpg
hiepreview.com/wp-content/uploads/2023/04/ 12 KB
12 KB 420ms
418ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/04/1-16-300x300.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: bb731943984275a1b11d40e5b6106cdeaeede228ae5888cd2d86f0f4d7794510

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Fri, 07 Apr 2023 10:05:44 GMT
server: Apache/2
accept-ranges: bytes
etag: "2efd-5f8bc2b1b8c18"
content-length: 12029
content-type: image/jpeg

GET
H2 200 1-12-300x228.jpg
hiepreview.com/wp-content/uploads/2023/04/ 15 KB
15 KB 633ms
631ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/04/1-12-300x228.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: d419084b406fb021fdacf9a0e58dd7e8afa35ca554bb030116f0ce4d67783149

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Thu, 06 Apr 2023 10:55:16 GMT
server: Apache/2
accept-ranges: bytes
etag: "3c3b-5f8a8be6fcf10"
content-length: 15419
content-type: image/jpeg

GET
H2 200 1-9-300x179.jpg
hiepreview.com/wp-content/uploads/2023/04/ 8 KB
8 KB 634ms
632ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/04/1-9-300x179.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 9a8395f64b765949b36e2a5356a8a630c1664ee4595c1b6a8bb548dd89199542

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Wed, 05 Apr 2023 04:39:05 GMT
server: Apache/2
accept-ranges: bytes
etag: "20a6-5f88f5f433c98"
content-length: 8358
content-type: image/jpeg

GET
H2 200 1-2-279x300.jpg
hiepreview.com/wp-content/uploads/2023/04/ 17 KB
17 KB 633ms
632ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/04/1-2-279x300.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: b40b3d21aabd3fd2ea7b32015d5fc94a317ae0d529a5fa1a2a76c9440ac799c6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Sun, 02 Apr 2023 14:28:20 GMT
server: Apache/2
accept-ranges: bytes
etag: "42c1-5f85b410c41e0"
content-length: 17089
content-type: image/jpeg

GET
H2 200 1-26-300x202.jpg
hiepreview.com/wp-content/uploads/2023/03/ 14 KB
14 KB 367ms
365ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/03/1-26-300x202.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: b398b37ced0d42bb939fad15895dae53bf34dcae4c2a9d09c3a6c567c71d3852

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Thu, 30 Mar 2023 04:08:46 GMT
server: Apache/2
accept-ranges: bytes
etag: "390c-5f8163fcd1880"
content-length: 14604
content-type: image/jpeg

GET
H2 200 1-300x225.png
hiepreview.com/wp-content/uploads/2023/06/ 131 KB
131 KB 419ms
418ms Image
image/png 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/06/1-300x225.png
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 156a54ec0ab06c5f60e63d6a4cd01ec47408d872cb229acbfd2bca1cb17c6ab8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Wed, 21 Jun 2023 07:42:20 GMT
server: Apache/2
accept-ranges: bytes
etag: "20a38-5fe9ee861c250"
content-length: 133688
content-type: image/png

GET
H2 200 2-34-300x172.png
hiepreview.com/wp-content/uploads/2023/05/ 87 KB
87 KB 367ms
365ms Image
image/png 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/05/2-34-300x172.png
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 62d4e48d9df70bc32e3aebc5b906d6a58cd17a2287425e49535743e181202120

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Sun, 14 May 2023 14:50:14 GMT
server: Apache/2
accept-ranges: bytes
etag: "15b73-5fba874b99088"
content-length: 88947
content-type: image/png

GET
H2 200 3-11-300x168.png
hiepreview.com/wp-content/uploads/2023/05/ 96 KB
96 KB 633ms
632ms Image
image/png 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/05/3-11-300x168.png
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 6637fb1a5395628311ddc424fcc86288fd313350803ee678aa03ef9f63653090

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Sun, 07 May 2023 08:07:09 GMT
server: Apache/2
accept-ranges: bytes
etag: "17e1d-5fb1602472ac0"
content-length: 97821
content-type: image/png

GET
H2 200 1-19-199x300.jpg
hiepreview.com/wp-content/uploads/2023/03/ 17 KB
17 KB 634ms
633ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/03/1-19-199x300.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 814ea34133c6adfde998a28222d88123711684451dd342557488b60f5ebc4304

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Sat, 25 Mar 2023 14:53:04 GMT
server: Apache/2
accept-ranges: bytes
etag: "4409-5f7baaac4eb38"
content-length: 17417
content-type: image/jpeg

GET
H2 200 5-2-300x300.jpg
hiepreview.com/wp-content/uploads/2023/03/ 4 KB
0 633ms
632ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/03/5-2-300x300.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Fri, 24 Mar 2023 14:06:49 GMT
server: Apache/2
accept-ranges: bytes
etag: "463e-5f7a5e78d0e98"
content-length: 17982
content-type: image/jpeg

GET
H2 200 1-10-263x300.jpg
hiepreview.com/wp-content/uploads/2023/03/ 19 KB
19 KB 633ms
633ms Image
image/jpeg 171.244.32.208
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiepreview.com/wp-content/uploads/2023/03/1-10-263x300.jpg
Requested by: Host: hiepreview.com
URL: https://hiepreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 171.244.32.208 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 98aaacb98155d5e5b9d5b962c8d3fdcbb2c346c2c323252709f16a8e2c5fcf50

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:25:45 GMT
last-modified: Tue, 21 Mar 2023 14:02:24 GMT
server: Apache/2
accept-ranges: bytes
etag: "4b43-5f7697e3781f8"
content-length: 19267
content-type: image/jpeg

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 208ms
75ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1FYPHZY4FB&gtm=45je37v0&_p=1609635220&cid=718120822.1690957827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690957827&sct=1&seg=0&dl=https%3A%2F%2Fhiepreview.com%2F&dt=Hi%E1%BB%87p%20Review%20-%20C%E1%BB%99ng%20%C4%91%E1%BB%93ng%20%C4%91%C3%A1nh%20gi%C3%A1%2C%20t%C6%B0%20v%E1%BA%A5n%20s%E1%BA%A3n%20ph%E1%BA%A9m%20m%E1%BB%9Bi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FYPHZY4FB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hiepreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/ 361 KB
124 KB 300ms
140ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3736689899706280&plah=hiepreview.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3736689899706280

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b87b75ff39bb757bcc4484dd8ad463cca53a7597421ce312851a720b285f2af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126408
x-xss-protection: 0
server: cafe
etag: 9357941390367671769
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/ Frame 66AA 10 KB
5 KB 257ms
82ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3736689899706280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 2879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 05:42:28 GMT
etag: 12368291122986407432
expires: Wed, 16 Aug 2023 05:42:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 262ms
91ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hiepreview.com&callback=_gfp_s_&client=ca-pub-3736689899706280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3736689899706280&plah=hiepreview.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

04f738b64159df90ae858b7613741625d0d2fc038ba7dc57dc5f41912882be1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D55E 317 KB
76 KB 767ms
766ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&adk=1812271804&adf=3025194257&lmt=1690932803&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhiepreview.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957827321&bpp=10&bdt=1772&idt=480&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3300933183665&frm=20&pv=2&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

85d4eb2e767c5499219c94c5ba28a4be1dd392fac6602a94d0e24440baa84a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77788
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:28 GMT
expires: Wed, 02 Aug 2023 06:30:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81F7 436 B
434 B 225ms
224ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=1083277721&adf=1520883492&pi=t.aa~a.3070471706~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957827331&bpp=2&bdt=1782&idt=506&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=21o1koGElm&p=https%3A//hiepreview.com&dtd=509

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

dd65544ee7ca964820d0437e380fc2904bee150fe3ffaae96fa7b44038af0c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:28 GMT
expires: Wed, 02 Aug 2023 06:30:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 128ms
128ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2e26f757276e0c569a913833205a9d985166cf07cfbc22afff835b55c5102648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11546
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/ 154 KB
52 KB 148ms
148ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

452de22363265132d670955d334feed39a3a871984d5d8993e047aa2910d3f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53453
x-xss-protection: 0
server: cafe
etag: 10960255717834365256
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:28 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4457 436 B
238 B 287ms
287ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=3149455797&pi=t.aa~a.1477776772~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=7&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3k4mstnbYq&p=https%3A//hiepreview.com&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

d080f37c303cc27402ce4384bbf815c74d77a8a75f06a5e6eb5b82e3fe8a7270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D2E 125 KB
42 KB 1201ms
1200ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

133f2bf2c029e1d5e4b8399845a679a188f7b974f291cde84281950119f2b545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA14 129 KB
43 KB 439ms
438ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e10da18a420e4b3ed73b4e7f5adf994c595193e69cffbd1a8878e0cb921e3a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43672
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 408ms
237ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/ Frame 25A2 10 KB
4 KB 78ms
77ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 34410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 20:56:58 GMT
etag: 12368291122986407432
expires: Tue, 15 Aug 2023 20:56:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/ Frame A4D2 10 KB
4 KB 77ms
77ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 34410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 20:56:58 GMT
etag: 12368291122986407432
expires: Tue, 15 Aug 2023 20:56:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 25A2 4 KB
1 KB 281ms
114ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:41:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 25A2 205 B
652 B 276ms
109ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:49 GMT
x-content-type-options: nosniff
age: 346420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 06:16:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 25A2 604 B
696 B 277ms
110ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:36:06 GMT
x-content-type-options: nosniff
age: 287663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 22:36:06 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/ Frame 25A2 14 KB
6 KB 191ms
153ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

562629cd42293c0a89d5a5aac3645d5319caa68698ca67e2d590a9104930d726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6345
x-xss-protection: 0
server: cafe
etag: 11507422573229642752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:14:26 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/ Frame 25A2 20 KB
8 KB 126ms
88ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

6502bdf22ef786413e7f2f327222c6506f0d737dac9697687351a77ec17abe5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8584
x-xss-protection: 0
server: cafe
etag: 950576603211542893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:14:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame A4D2 23 KB
9 KB 158ms
143ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ea6f61e80a6b2aac4475b8855e3263f3932f018388ce60e2ae6d5992e2ae4325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9116
x-xss-protection: 0
server: cafe
etag: 5341217345868469740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 150F 143 B
166 B 77ms
77ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 1086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame A4D2 3 KB
1 KB 155ms
142ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame A4D2 20 KB
8 KB 94ms
81ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 9725510470914717636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 200 14045190459644231630
tpc.googlesyndication.com/simgad/ Frame A4D2 55 KB
55 KB 170ms
159ms Image
image/gif 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14045190459644231630

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

161e52c4b692658beb132e5501f8b03779c0fafa343d60db3e2640f3ec76a39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 23:57:41 GMT
x-content-type-options: nosniff
age: 23568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55992
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 16:55:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jul 2024 23:57:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4D2 179 KB
57 KB 252ms
90ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame A4D2 33 KB
13 KB 136ms
125ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

9f7f1f4183509b96facc810fdceded80fa9a8662f0bbf2da42d240d19b43e384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13541
x-xss-protection: 0
server: cafe
etag: 11479734359822526307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 18:41:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 150F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

148ms
129ms

Document
text/html

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A4D2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab1704c47e58bee6cb246c185d462420a037c2f8b26ace3321ba5329deb5507a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame F87A 2 KB
945 B 131ms
87ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame F87A 23 KB
9 KB 132ms
88ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ea6f61e80a6b2aac4475b8855e3263f3932f018388ce60e2ae6d5992e2ae4325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9116
x-xss-protection: 0
server: cafe
etag: 5341217345868469740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F65 143 B
166 B 119ms
88ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 1086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame F87A 3 KB
1 KB 133ms
89ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame F87A 20 KB
8 KB 121ms
77ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 9725510470914717636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F87A 179 KB
56 KB 157ms
114ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame F87A 33 KB
14 KB 144ms
101ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:00:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BA14 14 KB
1 KB 132ms
104ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:31:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame BA14 2 KB
926 B 122ms
94ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame BA14 23 KB
9 KB 90ms
90ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ea6f61e80a6b2aac4475b8855e3263f3932f018388ce60e2ae6d5992e2ae4325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9116
x-xss-protection: 0
server: cafe
etag: 5341217345868469740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame BA14 3 KB
1 KB 94ms
94ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame BA14 20 KB
8 KB 118ms
91ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 9725510470914717636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BA14 0
0 87ms
86ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYKKCHqhvltgVAn7OVLsQa-0h6EX469gieh02MzWBEJvsP-JWxO-c3mFLv5TvBwhDbXveXcXMBaNPkO4uOlmoOUDKwwg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA14 179 KB
56 KB 110ms
110ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:29 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame BA14 33 KB
14 KB 99ms
98ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:00:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 125E 13 KB
5 KB 97ms
89ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 05:26:49 GMT
expires: Thu, 01 Aug 2024 05:26:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AFB1 783 B
972 B 110ms
108ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

bfaee9d173d90a7dcb5d6cb6e5e62ff85b22c76fdb3400c171817d6bbb07f9f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hZCKCWAO33LhIjLGOSZ_bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hiepreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-hZCKCWAO33LhIjLGOSZ_bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F4B 1 KB
643 B 95ms
86ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 53849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 15:33:00 GMT
etag: 48472445140208031
expires: Wed, 02 Aug 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5049050769119798902/ Frame BA14 29 KB
29 KB 81ms
81ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5049050769119798902/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42011f7c6ec092e85b642456916726de448010e0985c2097e73307b56efe3ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:04:37 GMT
x-content-type-options: nosniff
age: 347152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29378
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 03:50:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:04:37 GMT

GET
DATA 200
OK truncated
/ Frame BA14 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA14 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A4D2 0
19 B 122ms
121ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6aD9A_jJZPG8Ob6QqMwPkbmK8AvIjNa_caqm4JvnEdvZHhABILDt5Thg7fzdhawboAH_ku_SKcgBA6kCZnaHXxQCjD6oAwHIA8kEqgTuAU_QAMmuzWE5Qlq7UDbIBZJmOnr2ovqicjcPbLRLBKw1QnwshUghIp09kJlsW_ep7FE16epjiGEyHduP0Xe3Ddp6bG2hFsSsd1Wk7NV2ILtWp9uvlX1yadVcYt2PVuJlbVberiQYIaNeWU2A3XM4bP8oo7dh6C6TDkEM4clVFYodSfuXTk52zjhv_VryN5MrGeMEcSwZSSTRNjizWfDohAY--S1RLT54RxAD96Cw2Wi9SYpz6VywPKCK_zDPm5GTF-SYKVPJnZedqA31NzNvpdE3dDor8Rlux2fAwM-nqLhwOujSFuZAB4dOt_H96_HABOWjrJOvBJIFBAgEGAGSBQQIBRgEoAYDgAf_yr-yBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELziBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzczNjY4OTg5OTcwNjI4MBgA&sigh=TMmTC41uV8w&uach_m=[UACH]&cid=CAQSGwBpAlJWgkroGd-mkDSI3Q7gRts_AvSKz3mTthgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Aug 2023 06:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F65
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
92ms

Document
text/html

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
expires: Wed, 02 Aug 2023 06:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:30:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BA14 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48bdd97d5b1b5f3af9fe59bfd651fcb2112446b5374e61cbd769dcb33e329615

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AFB1 0
0 112ms
111ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=3264366642444970&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BA14 33 KB
34 KB 246ms
80ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 350788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 05:04:01 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5F4B 35 B
463 B 274ms
86ms Image
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOW8KK-v1VXySo5UBRrEeJA&google_cver=1&google_push=AaAOQGFsIq3iyz6AHJF-GjJ7Dw-_UU0INj6ggSPnyZmcivzjtFhOc112a2Oy2yk3xzwrC3B5KJiS5eOf8TOEZ7IU8Y8ihnRbiesuSzY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5F4B 0
104 B 306ms
120ms Image
text/plain 89.207.16.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF-V0s7-BWxsB7iV76bHuEo&google_cver=1&google_push=AaAOQGHKlj0v788WMULyRPuEM3e7NEz4aDsPmIZl5yY7bc-1SQFgSCLIXvJt87WEUVK-OVpNcIEQXOmNbPGkVSwxzfh3e7VfKZdjbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams03-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:29 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5F4B 70 B
265 B 350ms
116ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHbfuTiwglDSPnOFuaqv0Zk&google_cver=1&google_push=AaAOQGEa1JdibqGjVNsh1K0bU8NJuyf4V4HY_cv1i4RLRGD5V2lcyIrXWSZnbRt8lF1-A8V2fTTebEDJNPKSFqUQ_LidwSjCWsV9dbI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 02 Aug 2023 06:30:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5F4B 0
173 B 203ms
81ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKp-beDfBM9ufeQx3w44WUE&google_cver=1&google_push=AaAOQGFBT1KN2jwxujbeOqet09lQowYkGS3OKFnkRy6VJgRfYgYZFVfUzXogF-L0GTXuZDkiN_ucx4lET-d1_r-qQov9x89nwRRCjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5F4B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGGG6LYqSG9MLB22-mYAo2dRcchrRhjWOIG_taJ6fK42VM5f-Qb28klTY8NTCceuhs82IL3AJyjzUBuhhWVCjlYUbKDLOdnqlw&google_gid=CAESEHAaQS49GllHJhzM7MnWkN8&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIXwp6YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BYUFPUUdHRzZMWXFTRzlNTEIyMi1tWUFvMmRSY2NoclJoaldPSUdfdGFKNmZLNDJWTTVmLVFiMjhrbFRZOE5UQ2NldWhzODJJTDNBSnlqelVCdWhoV1...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXZWUkstS3VQejJibUNxNHRpa2VST3VTOHc4X1IxV2FHTzRPOWgyWWsyYw==&google_push

170 B
329 B

96ms
91ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXZWUkstS3VQejJibUNxNHRpa2VST3VTOHc4X1IxV2FHTzRPOWgyWWsyYw==&google_push

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 02 Aug 2023 06:30:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXZWUkstS3VQejJibUNxNHRpa2VST3VTOHc4X1IxV2FHTzRPOWgyWWsyYw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5F4B 43 B
363 B 262ms
84ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGFAj9v--xyrpjmJ2vrT19RLnZ3hDhZptfnmWYebjpZK0B1YiQ9YSW71voHt79n2nHcpIEMZjUUVF_-BzxoszNCFJqCIxX433zk&google_gid=CAESEArRraRSSXE1PTqTDEoPWVU&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:29 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 163133
expires: Wed, 02 Aug 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5F4B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOOGP18-Eyzn...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGih2ZmmFPaRODoAstNxOHCkeH9YkVwvEqnQaMOB8zdImgnhdYmz6LzHx_HuCowDLsz7vTgKA7MwBPioRzkirzRuRKUFH1sruHc
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

118ms
118ms

Image
image/gif

23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 02 Aug 2023 06:30:30 GMT
pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F4B 0
130 B 279ms
91ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0UZT3ba3yjjzN3LK2PX_PnrheBuh3iAZUH5a3kw1aKfnI0yzlXvgoOBviEa6sPBjxMrDYzQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 125E 37 KB
14 KB 79ms
79ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 09:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 09:17:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DAA 37 KB
14 KB 91ms
91ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 09:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 09:17:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EB35 37 KB
14 KB 81ms
80ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: hiepreview.com
URL: https://hiepreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 09:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 09:17:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 125E 0
10 B 80ms
79ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1vCrTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA14 0
19 B 123ms
122ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctf65BPjJZI_LOL-1o9kPmve36Aa5_tXwcbve_9X2Ds_Isq6_GxABILDt5Thg7fzdhawboAGV59fUA8gBCagDAcgDywSqBO0BT9DNcSQM8GwbMD2HADZ12AUBqw2vGL1U1fbVa1X7zSt2efksU_f2q-2Dhhy53hUh5DnJjDW8ImzdnYTBuvu6j8y6HrpAAlKin8N3VI5K2yXY7Je_XjXqnSHGmSKTiUaSzUB0-kjcwBznNNCPeepDnzI6ilD8jgWUkhe3t2ZAdURA3DbhGY30nJYagqO2aeHU3z7NohzfL2HXsr0QM7owmICYMsEwtoeJRRNP3bEXDo7bnbFNmsgfxozZcubztTZP2jlBMcxiXxs9UQG1-WGCl8WicsJWNa8GJArMGUP_lSM4VuBWbHpLXFfPbHkIwAT8jqHv5QOSBQQIBBgBkgUECAUYBKAGLoAH05ioK6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIfiAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNzM2Njg5ODk5NzA2MjgwGAA&sigh=jK0v9Ebp9K0&uach_m=[UACH]&cid=CAQSPABpAlJWlmq5eyeBG483Qi36prMmiXheaqJ_iAO0oKVk0lLgA6RnF8w0oFy0P3x_Ld3levk7z_OLsGF6AxgB&template_id=5000&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=674392158&adf=2704615477&pi=t.aa~a.1477775757~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=4&bdt=3232&idt=4&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=73ouG556x9&p=https%3A//hiepreview.com&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Aug 2023 06:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6D2E 14 KB
1 KB 89ms
88ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 05:44:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:30:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 6D2E 2 KB
892 B 81ms
80ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame 6D2E 23 KB
9 KB 81ms
80ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ea6f61e80a6b2aac4475b8855e3263f3932f018388ce60e2ae6d5992e2ae4325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9116
x-xss-protection: 0
server: cafe
etag: 5341217345868469740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 6D2E 3 KB
1 KB 97ms
96ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 6D2E 20 KB
8 KB 82ms
81ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 9725510470914717636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:57:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6D2E 0
0 87ms
86ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpTDBP_2fXV0BalcDMQXTO5KrPid9702SiNFZXMg65rv1B67ZIxEXUoGMK_sAv1CQhFOPZkx9l1X6XsueTo34V3eoqvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D2E 179 KB
56 KB 99ms
98ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 06:30:30 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 6D2E 33 KB
14 KB 79ms
78ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 20:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 20:05:07 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 77F6 37 KB
14 KB 79ms
78ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 09:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 09:17:16 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4572326862514085655/ Frame 6D2E 23 KB
23 KB 125ms
125ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4572326862514085655/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

41b325e18ac02e6fb824dbf400e41006e49bd378318ca2314e8730d845d5ef6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23847
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 19:20:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Aug 2024 06:30:30 GMT

GET
DATA 200
OK truncated
/ Frame 6D2E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6D2E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 88FE 1 KB
643 B 79ms
79ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 53850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 15:33:00 GMT
etag: 48472445140208031
expires: Wed, 02 Aug 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6D2E 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88ffd473f1b8aace1adf5d9c23e95dba0dcf8c141235bc60a5f7dc1317e8b1f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88FE
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECusu4L8gVgD3VEdFCOVbpg&google_cver=1&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1ESm6OMUykDEbcpEQTFUKf7g-_I_0OvZb41bEAv20gGPg&google_hm=inTvOJIreY...

170 B
188 B

92ms
92ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1ESm6OMUykDEbcpEQTFUKf7g-_I_0OvZb41bEAv20gGPg&google_hm=inTvOJIreYNL_MAkQdXUWg

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGFytAkmEDB6q7HA-H5D88hd00YzW0MXbbPofKEETZL3FVfZBROTP1ESm6OMUykDEbcpEQTFUKf7g-_I_0OvZb41bEAv20gGPg&google_hm=inTvOJIreYNL_MAkQdXUWg
pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88FE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSvZoau09z06eikKDZsOug&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cjRHalUzY3cxUXI1bm81&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRP...

170 B
188 B

91ms
91ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cjRHalUzY3cxUXI1bm81&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRPMizZ5B1xC12_906b7TAvu1ZUM9XufcWe1PjwkCGcFh43QuX1bM4cUZg

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Aug 2023 06:30:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cjRHalUzY3cxUXI1bm81&google_gid=CAESEMSvZoau09z06eikKDZsOug&google_cver=1&google_push=AaAOQGEibmggd3Wb8EKS9keoUl8-TLv6VJeNBHc1JvQVaRPMizZ5B1xC12_906b7TAvu1ZUM9XufcWe1PjwkCGcFh43QuX1bM4cUZg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88FE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDQlPEt4NsRA61b96ke_M1w&google_cver=1&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DIeQgFdQYEtiedvfw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2538E236BCF24ABEBBF0F26F73F02CBC&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DI...

170 B
188 B

90ms
89ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2538E236BCF24ABEBBF0F26F73F02CBC&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DIeQgFdQYEtiedvfw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 02 Aug 2023 06:30:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2538E236BCF24ABEBBF0F26F73F02CBC&google_push=AaAOQGHxTgqbO-0cmKuS4MudizEVHD0-iYqGcJv9eDUJSTTysQgR-PEKHvZIoHINrIJ7MwM5tOUt-FD_iytt3DIeQgFdQYEtiedvfw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 01 Aug 2023 06:30:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88FE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKc-M11DD6GrtsO0mlpEfvs&google_cver=1&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3CwFLJXA&google_hm=eS1feWh5Mk5aRTJwSGc3...

170 B
188 B

92ms
91ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3CwFLJXA&google_hm=eS1feWh5Mk5aRTJwSGc3dkNKaHQ0UTc4MFFZblRoR0JINn5B

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 02 Aug 2023 06:30:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHRG4hds6uBUDAYCEZ04urZdzGW4CmrUKcZvnnmp_qAlhmhQTCQ2H76Mrc-wKU0Tr7f-V7BGCmzhmUaoba4G6AxgQ3CwFLJXA&google_hm=eS1feWh5Mk5aRTJwSGc3dkNKaHQ0UTc4MFFZblRoR0JINn5B
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 88FE 35 B
125 B 338ms
110ms Image
image/gif 213.155.156.184
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEIHIaaX-vzfjDkQUbqgYhoM&google_cver=1&google_push=AaAOQGGKt2vZ1GqPJ5hTwtEA2l4Dyicgf6kuOkO2JEZeDaylKNsj3SNo6PPg9dkJiqZcrnYnqY1yd5Zn4ao_RpJtNCuzXcydNpBC3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.184 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 88FE 43 B
362 B 85ms
84ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGFNW1XP7Kw1Y4EgJfw1RyZRjcyrK7BwPJxwMxFYTZKrtSBhLURphBYKra4fUQVn72RXfbQQxHrILOKUSPDdo0Q6FW7_4VaT&google_gid=CAESEA5g_4oYjNlCDNxPRJTkv5M&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 260066
expires: Wed, 02 Aug 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 88FE 43 B
296 B 321ms
79ms Image
image/gif 13.41.219.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENDnH95OjYi6yAw1Jkc1qZY&google_cver=1&google_push=AaAOQGFeWdiXkupjAEkdgNdGut8DlRLDOh3n1oE3S_TRNNUFyBSmWUt2gEWsUM6vnkrPdgxViUqslo0msCXwMpaM_B1cacMJfdKcuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.219.205 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-219-205.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 88FE 0
12 B 89ms
88ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KG5OeSJ7HbnU5Tbc4_XriyCou39g1tUwu1IPvtCoAKV0Uy10mEMGufEziq_RA6ZdxYoQXc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:30:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6D2E 33 KB
33 KB 80ms
79ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 350789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 05:04:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D2E 0
19 B 122ms
122ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb9qjBPjJZOv3NK6QjuwP7sKToA-35d6QbezitavPEaCWgOyQAhABILDt5Thg7QSgAZrckPcCyAEJqQJc6E-7hXCyPqgDAcgDywSqBMQBT9CTCFidSXmOA1YurKWNA4nv56MEdPFsGFdgHt2vqWEaFOwTEULbxyUv6PHg0MK0qAcSy6hpX3VVqpo_RTYs_OBvwdvUeWaszyeqwgO3VcCfx8bR7LTJ7ArJw8H5hNIP9GhJxl3uZTCPc4UE7rnAI2eTvKqwFkulELpBmxh2qrVO1ASlHrPF6WMgh16PbuQQMoHHufmd-KtDwOQF-G5Gu6-9DHnzzw3F0duLhmV2KnvEzJ74wYJaMLKuqZJ_j6Be6gwo4sAE7rrivtQBkgUECAQYAZIFBAgFGASgBi6AB86j74gBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTM3MzY2ODk4OTk3MDYyODAYAA&sigh=P3xajfUizDw&uach_m=[UACH]&cid=CAQSPABpAlJWTlE5LjkzO97liujXuJ5hawlQXw4Gxwy7zY73Y0-ls_G-0QyLl-BzbBAgbQcsDc6UCZn2rsPhFhgB&template_id=5000&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3736689899706280&output=html&h=280&adk=2649660192&adf=2757440325&pi=t.aa~a.3070487459~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1690932803&rafmt=1&to=qs&pwprc=3392351627&format=1200x280&url=https%3A%2F%2Fhiepreview.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690957828781&bpp=2&bdt=3232&idt=-M&shv=r20230731&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Def3f8cb2b6c26225-22ff50cf70e300b9%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw&gpic=UID%3D00000c4b24e6e880%3AT%3D1690957828%3ART%3D1690957828%3AS%3DALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3300933183665&frm=20&pv=1&ga_vid=718120822.1690957827&ga_sid=1690957828&ga_hid=1609635220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44788441%2C44797784&oid=2&pvsid=3264366642444970&tmod=2017836270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jR7YFZschu&p=https%3A//hiepreview.com&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 02 Aug 2023 06:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 028A 37 KB
14 KB 79ms
79ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 09:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 09:17:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A4D2 42 B
64 B 113ms
112ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstujid2DTb5f6ll9-NiDj3-GDhid6tEnZdZ3DBgsBg1ienlXh0PrzcNsHE-zKFr_lwxUJ30ogPmPGOTraFXCjfHQM6rxU8ZtDOTh2b1e3CELfpq7ETonsb_yh5q0YqK7s_wD1Y_1qikG_sH&sai=AMfl-YT0oqq8CGFlMarlfMJpXKm6lGqDeOLTC6B18IPHyGv0jMAuiDkPB5ARfOxfJpYppy2Ra5C2n7UY5ndv&sig=Cg0ArKJSzNikc3zAZQAkEAE&cid=CAQSGwBpAlJWgkroGd-mkDSI3Q7gRts_AvSKz3mTthgB&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=326,958,1003,1003,1003&tos=326,632,45,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690957828900&rpt=581&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 115ms
115ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=3264366642444970&bg=!Tk2lTRnNAAZGOVy5Zjk7ADkAdvg8WmpeFPnim5rJEmNwl9fw_U9OFmq0LwaLoVA6ZQUd0FMXH_2MOVM8r2PAP0UJsnyE_AjG1C0CAAABKlIAAAAHaAEHmQLDVOkP395nZgY1NequhpUN-UZuKVdK4Xwn0ArgN65rPycktbRT1oX0BSg_ITzDR8f51DNA0rIQJOICb1b-QRIKcmn98keVKAepuEdc5iFIOKco_pK9PIeMFPaohJpgJHf_4IPsgGJqdIYAan1rEDVG1ZgZJasJVqtZrd6QaA8SYH5ibr7V17pvELdjrT6yAwTnkRXocD5hRLSPalXQOsifQWu-EK-wcKiXKqrXpGulDnw8PbsBRjpogRPiD2cVJt9lwxdpQ330Y2CNL-faiv5PZhhNDDFaoXFuT64eG12Pm8zN8jCBnct8QxuCNsp_FgrbSBDWvXKkEgWd-laYGU2EJtmzBvmRX7JgDU-m9_xhXbrgAbEJUQv8nKFBpDNtRnyo1gbjfVtSwT86bYKzvCNi9Fpv2UXwHDk6fD-BY3O506Sezk1wRKY2YK6ZdZINZQpifWLuKBT0BZxYgQUM9-C6JLkD41vTh6LtIvbiGIjMQG7gBD1j2e9nT3-KsFqOjGY5uO1cGL1Ii0B7cRJ2JeDkuKtRj28Qm2bHzDbE1_NTdgNsO7r5PRreiTFxG3ArHniD-bWxrmAkuUq8dsWjUFds9n94nAbYEIZRAMzr42wWHlFDPK7X0VH7idJisam74M7mAf3dCeKQoCN62Is6vrG8gy2gcRLOYPt6H0pjglymfk2sAvdm8a6sjAPUZzZUOBrK3zPPBiJCGT9uQppVdVQkrOgV6S96Bvn3cOhNdd_f2X5RV7AFYmE2RK1pQwwN7mEqTJ5DiNz1Umv8wP0X4WFkFyaj-rmbs1aegBkvsGe09qgejMg8w3i6ewV3oyhO6eI4nEArByV7sbx4PY6MjCiVcssCo9AofCDpi32XPzRcclqn_sSI09qIPHemzWecP5GUl3LCxpG_ZwDlGGkwaP1J0CaZYtX-KlzMyubbCghT3kNIBsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hiepreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hiepreview.com/	1970-01-20 23:18:37	Name: js_session1 Value: 462c878c057ed04d-ac2bfd4a1240908088e89181-8151f3a12588c9566ece3ffa98decf873114c9c1d458ae542cf868c76f9532
.hiepreview.com/	1970-01-20 23:18:37	Name: _ga_1FYPHZY4FB Value: GS1.1.1690957827.1.0.1690957827.0.0.0
.hiepreview.com/	1970-01-20 23:18:37	Name: _ga Value: GA1.1.718120822.1690957827
.hiepreview.com/	1970-01-20 23:04:13	Name: __gads Value: ID=ef3f8cb2b6c26225-22ff50cf70e300b9:T=1690957828:RT=1690957828:S=ALNI_MZ1TgshB6NwEoT-GgRk3cPfdvpVyw
.hiepreview.com/	1970-01-20 23:04:13	Name: __gpi Value: UID=00000c4b24e6e880:T=1690957828:RT=1690957828:S=ALNI_MalWulxxVBTL0RMUluHZaVXcd7Esw
.doubleclick.net/	1970-01-20 13:42:41	Name: DSID Value: NO_DATA
.rlcdn.com/	1970-01-20 22:28:13	Name: rlas3 Value: MawwmcynH3//JP97JMixDaZt581YlQvgK8jwib5gaLs=
.blismedia.com/	1970-01-20 22:28:17	Name: b Value: 64C9F805EFD4AA52408453EBBLIS
.quantserve.com/	1970-01-20 15:52:13	Name: d Value: EH8BCQHOKYEA
.quantserve.com/	1970-01-20 23:12:52	Name: mc Value: 64c9f805-e1309-3b87c-4b09c
.rlcdn.com/	1970-01-20 15:09:01	Name: pxrc Value: CIXwp6YGEgUI6AcQABIGCOndKhAA
.doubleclick.net/	1970-01-20 23:04:13	Name: IDE Value: AHWqTUmTxzWNXApPtzwBBHe2_NyhvaOa2FVDOhmdowEuhvuu5bYsd7P9cbd2PcjkIKQ
.simpli.fi/	1970-01-20 22:29:40	Name: suid Value: 2538E236BCF24ABEBBF0F26F73F02CBC
.yahoo.com/	1970-01-20 22:28:35	Name: A3 Value: d=AQABBAb4yWQCEDfB6zuEvp5qtEAiwVrSiegFEgEBAQFJy2TTZAAAAAAA_eMAAA&S=AQAAAvIb30SmBuimrkFoB-GPHO8
.innovid.com/	1970-01-20 15:52:13	Name: uuid Value: ec3ef077-7b46-4c0d-a083-7b501bc5c105-20230802 02:30:30
.w55c.net/	1970-01-20 23:14:18	Name: wfivefivec Value: r4GjU3cw1Qr5no5
.w55c.net/	1970-01-20 14:25:49	Name: matchgoogle Value: 5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://hiepreview.com/(Line 1132) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hiepreview.com
id.rlcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.41.219.205
142.250.181.226
142.250.184.193
142.250.184.196
142.250.184.226
142.250.185.130
142.250.185.67
142.250.185.98
142.250.186.168
142.250.186.35
171.244.32.208
172.217.18.10
178.250.1.9
213.155.156.184
216.239.34.36
216.58.206.34
23.192.153.28
3.120.19.63
34.91.62.186
34.96.105.8
35.244.174.68
52.212.161.120
52.223.40.198
89.207.16.140
91.228.74.159
04f738b64159df90ae858b7613741625d0d2fc038ba7dc57dc5f41912882be1b
06cdade44dac88d41cabcbe75e94a5d99a4a6ac6f568471679e05220fe4f4e0a
0a7be7f1ad956a7afceaacdcf1a94eefdf6a1102dd1525c3c2df215012bfc8a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
133f2bf2c029e1d5e4b8399845a679a188f7b974f291cde84281950119f2b545
156a54ec0ab06c5f60e63d6a4cd01ec47408d872cb229acbfd2bca1cb17c6ab8
161e52c4b692658beb132e5501f8b03779c0fafa343d60db3e2640f3ec76a39a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ba654ddd74ed0397ffdbd8115233dc41821bc3a553a5e5cd06d5b1d055cac9d
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
1e5308d8cac8eff9f6db9746a719a946e6a8c269a1bc3c2df0b9d407c0830c4b
2c97fe99a17266eb6db3fff97b640fcca7d6799126f979ee4d1d03ede91ceffd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e26f757276e0c569a913833205a9d985166cf07cfbc22afff835b55c5102648
30ce41013884ad91288b2598001a775ee8cf40264b9d704ff17ba57aba2acdaf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e
385e0f472666744d94c9649163327b10f5ec4389b4e070d82f7cbf68a8c8ca6e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
41b325e18ac02e6fb824dbf400e41006e49bd378318ca2314e8730d845d5ef6f
42011f7c6ec092e85b642456916726de448010e0985c2097e73307b56efe3ef0
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
452de22363265132d670955d334feed39a3a871984d5d8993e047aa2910d3f8e
48bdd97d5b1b5f3af9fe59bfd651fcb2112446b5374e61cbd769dcb33e329615
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562629cd42293c0a89d5a5aac3645d5319caa68698ca67e2d590a9104930d726
5770c10daf8b5dc44e5e2a7138de746411af0263ed6a0dc3bc4e286f0ed22db1
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4832361d3ef352af462e99cac31edf44d496b3dd5361a0a22888df72456fc4
5d6d5e1e2eb3fa153cb25befa6ebf31010703d5ba19ce40b2029e7507528e2ef
60247285676eba403ab989dea9febd60aebb2f7138795bd7f184dfdf71bbbeae
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d4e48d9df70bc32e3aebc5b906d6a58cd17a2287425e49535743e181202120
6502bdf22ef786413e7f2f327222c6506f0d737dac9697687351a77ec17abe5a
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6637fb1a5395628311ddc424fcc86288fd313350803ee678aa03ef9f63653090
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e
7820ec49b1f8e7160afc856bc440b30bac758d9195888c127e79463d19abab3e
814ea34133c6adfde998a28222d88123711684451dd342557488b60f5ebc4304
85d4eb2e767c5499219c94c5ba28a4be1dd392fac6602a94d0e24440baa84a78
88f21490128244f54a38864c301f0c9be49f323f6da36c5f5a6bd02175647ada
88ffd473f1b8aace1adf5d9c23e95dba0dcf8c141235bc60a5f7dc1317e8b1f3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f723231b1a6583adfb3540ce455ae45e18842b72b377e18069691f5e5e947b3
907b06f0d2bfdd8a9a9668815251e2402c67ee48907f02917ae9dee758002f0b
909af442dc5a4603891953285b74702c653495cb4730a64773f4ea87d40e8466
947dfb7e53be67e842377d5b82d2cbff3476327ee03ca883b76d3855ccb63dfc
976841b3918648b91b12c95b14e011cc7bc3d2ccd35544766dbd4d283812124c
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98aaacb98155d5e5b9d5b962c8d3fdcbb2c346c2c323252709f16a8e2c5fcf50
9a8395f64b765949b36e2a5356a8a630c1664ee4595c1b6a8bb548dd89199542
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f7f1f4183509b96facc810fdceded80fa9a8662f0bbf2da42d240d19b43e384
9f877e9e23e0846f17f6ff2d31b6c96985d53691cc96de22f937f390bcabd79f
9fbc3acbf07d1022650a2a6ba9588b0bf23753c5777bf39bdd57dd504b8a1ea7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2721a86e102d7ce2db2b5763901617fa1380e35d0cd29f28e4d73376bc65f97
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab1704c47e58bee6cb246c185d462420a037c2f8b26ace3321ba5329deb5507a
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b00c2d796ad8b3433057676a4212f1d7068122828273eee590a3358e6e1e7067
b2ef05e7b186ac02978053f7c4bbe4ce735b5011b7fa9ead7ef448c1067b202e
b398b37ced0d42bb939fad15895dae53bf34dcae4c2a9d09c3a6c567c71d3852
b3e5f0eae44afeb58509405bc897b184e6c381e954bb770f070f17529ceee1ca
b40b3d21aabd3fd2ea7b32015d5fc94a317ae0d529a5fa1a2a76c9440ac799c6
b60668211c903c2fd005b23c6c0f35903b6a0c1d0234e3f3663eef60ea297d62
b87b75ff39bb757bcc4484dd8ad463cca53a7597421ce312851a720b285f2af1
b94c684bed51d422956e9ad5e96039764a8cc94a24016b895c60bd30c0d3dee9
bb731943984275a1b11d40e5b6106cdeaeede228ae5888cd2d86f0f4d7794510
bfaee9d173d90a7dcb5d6cb6e5e62ff85b22c76fdb3400c171817d6bbb07f9f5
c56e27e11411a51172713ae275e61eae1f6c6440730afcb14fa92c9dcce1849d
c6769e8c316ee298768aeb036b41b78bcf1198b02742e5fd70648c16954f53aa
c68c00a06ce866dfca4db448597b045e25d83a6c3e4524f1f8b6383c662616c6
d04a45868199c2eff13acfc1e62cf62ae70131fa42e742522351b0f9ad110a0f
d080f37c303cc27402ce4384bbf815c74d77a8a75f06a5e6eb5b82e3fe8a7270
d419084b406fb021fdacf9a0e58dd7e8afa35ca554bb030116f0ce4d67783149
d6ae51988d4acf5826e2df60e9a1537f52f4d616a9e72f6d6101a12cc05aa9bc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd65544ee7ca964820d0437e380fc2904bee150fe3ffaae96fa7b44038af0c67
e10da18a420e4b3ed73b4e7f5adf994c595193e69cffbd1a8878e0cb921e3a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87ad7e5a70aec3b07b2c129c24902c23a8271204d587995833a82f41d999603
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
ea6f61e80a6b2aac4475b8855e3263f3932f018388ce60e2ae6d5992e2ae4325
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e405248043b491ffd875efa95da38e29026023088329f3b527bfb0a25d9fa2
f35f122e6ce4a1a7716ec5195343a95677ce8b6499637d3dac5388c178883d7e
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

hiepreview.com Open in urlscan Pro 171.244.32.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

95 %HTTPS

0 %IPv6

22 Domains

25 Subdomains

22 IPs

8 Countries

1760 kBTransfer

4212 kBSize

17 Cookies

4 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 29 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hiepreview.com Open in urlscan Pro
171.244.32.208 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

95 %
HTTPS

0 %
IPv6

22
Domains

25
Subdomains

22
IPs

8
Countries

1760 kB
Transfer

4212 kB
Size

17
Cookies

123 HTTP transactions
29 data transactions