urlscan.io logo urlscan.io
SecurityTrails logo

anhdep24.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link1s.com/VCI5R
Effective URL: https://anhdep24.com/
Submission: On March 19 via manual from PL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 15 countries across 67 domains to perform 464 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is anhdep24.com.
TLS certificate: Issued by R3 on March 7th 2022. Valid for: 3 months.
This is the only time anhdep24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 151.139.128.10 20446 (STACKPATH...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 142.250.181.226 15169 (GOOGLE)
2 151.101.12.193 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:310... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 12 2a02:2638:1::13 44788 (ASN-CRITE...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
11 178.250.2.146 44788 (ASN-CRITE...)
6 51.89.21.20 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
6 6 2.19.35.65 16625 (AKAMAI-AS)
22 104.109.78.125 16625 (AKAMAI-AS)
10 37.157.2.234 198622 (ADFORM)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
6 22 185.33.221.15 29990 (ASN-APPNEX)
5 185.184.8.65 204995 (RTB-HOUSE...)
1 14 188.42.29.165 7979 (SERVERS-COM)
5 2602:803:c003... 26667 (RUBICONPR...)
5 178.250.2.131 44788 (ASN-CRITE...)
12 35.244.159.8 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
5 35.157.98.225 16509 (AMAZON-02)
5 145.40.89.200 54825 (PACKET)
1 8 69.173.144.138 26667 (RUBICONPR...)
5 7 69.173.144.165 26667 (RUBICONPR...)
5 37.157.2.236 198622 (ADFORM)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:21::14 8068 (MICROSOFT...)
9 34 142.250.186.98 15169 (GOOGLE)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
2 3 52.46.130.91 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
5 35.227.252.103 15169 (GOOGLE)
5 18.195.155.181 16509 (AMAZON-02)
47 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
1 ()
1 104.111.233.140 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
6 142.250.74.194 15169 (GOOGLE)
3 5 184.51.9.98 16625 (AKAMAI-AS)
2 104.111.242.245 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
5 159.89.25.223 14061 (DIGITALOC...)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 213.155.156.183 1299 (TWELVE99 ...)
2 3 13.248.245.213 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 20.72.149.136 8075 (MICROSOFT...)
3 4 185.94.180.125 35220 (SPOTX-AMS)
1 1 169.50.137.182 36351 (SOFTLAYER)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 37.157.4.24 198622 (ADFORM)
1 185.86.139.104 201081 (SMARTADSE...)
1 35.75.193.236 16509 (AMAZON-02)
1 3 51.75.86.98 16276 (OVH)
2 2 35.158.245.151 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
3 3 91.207.59.213 48061 (UMA-TECH-AS)
2 2 52.59.66.68 16509 (AMAZON-02)
1 1 3.126.56.137 16509 (AMAZON-02)
10 2a02:2638::3 44788 (ASN-CRITE...)
5 151.101.1.108 54113 (FASTLY)
5 104.17.119.107 13335 (CLOUDFLAR...)
6 6 18.185.12.233 16509 (AMAZON-02)
4 4 35.210.53.219 19527 (GOOGLE-2)
1 195.201.152.105 24940 (HETZNER-AS)
1 216.52.2.30 29791 (VOXEL-DOT...)
1 151.236.118.210 204720 (CDNETWORKS)
6 6 31.172.81.172 44066 (DE-FIRSTC...)
2 2 89.108.119.28 197695 (AS-REG)
1 31.172.81.159 44066 (DE-FIRSTC...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 2 2a02:6b8::90 208722 (YNDX)
1 82.145.213.8 39832 (NO-OPERA)
464 69
9    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
link1s.com
anhdep24.com
1shorten.com
12    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2606:4700:3108::ac42:28fd (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2a00:1450:400e:801::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com
158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
12    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
11    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    51.89.21.20 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p14.id5-sync.com
id5-sync.com
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
22    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
15    2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
22    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
14    188.42.29.165 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
setupad-d.openx.net
us-u.openx.net
u.openx.net
5    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    35.157.98.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
5    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
token.rubiconproject.com
5    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
34    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
3    2a05:d018:d29:3605:706f:acaa:4e00:4ed5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
47    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
48    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    (None, )

ASN- ()
uuid
1    104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com
t.6sc.co
11    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
5    184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    35.75.193.236 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-193-236.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    35.158.245.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-245-151.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    91.207.59.213 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com
px.adhigh.net
2    52.59.66.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-66-68.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
10    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
6    18.185.12.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-233.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    195.201.152.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de
sync.dmp.otm-r.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
6    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.adsniper.ru
2    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
1    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
102 googlesyndication.com
ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com
158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
504 KB
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
pubads.g.doubleclick.net — Cisco Umbrella Rank: 494
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
993 KB
48 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944
eus.rubiconproject.com — Cisco Umbrella Rank: 503
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2193
token.rubiconproject.com — Cisco Umbrella Rank: 595
133 KB
28 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
bidder.criteo.com — Cisco Umbrella Rank: 689
14 KB
27 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
162 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
5 KB
17 openx.net
setupad-d.openx.net — Cisco Umbrella Rank: 40071
rtb.openx.net — Cisco Umbrella Rank: 1359
us-u.openx.net — Cisco Umbrella Rank: 323
u.openx.net — Cisco Umbrella Rank: 621
2 KB
17 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
cm.adform.net — Cisco Umbrella Rank: 1775
c1.adform.net — Cisco Umbrella Rank: 524
7 KB
15 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1509
cache.betweendigital.com — Cisco Umbrella Rank: 17967
10 KB
15 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 31581
25 KB
15 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1689
mp.4dex.io — Cisco Umbrella Rank: 2262
116 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
238 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
2 MB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
295 KB
10 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1565
cs.emxdgt.com — Cisco Umbrella Rank: 806
781 B
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
244 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
3 KB
6 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 816
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
4 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
4 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
6 anhdep24.com
anhdep24.com
49 KB
5 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2428
6 KB
5 setupad.com
node.setupad.com — Cisco Umbrella Rank: 34165
1 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
5 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1055
1 KB
5 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
870 B
5 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 36729
687 KB
5 gstatic.com
fonts.gstatic.com
80 KB
4 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2702
2 KB
4 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4292
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
3 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11171
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 346
1 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2490
674 B
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 9999
707 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13774
1 KB
2 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 11692
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 advertising.com
sync.adaptv.advertising.com Failed
pixel.advertising.com — Cisco Umbrella Rank: 307
939 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
726 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
344 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5401
673 KB
2 link1s.com
link1s.com — Cisco Umbrella Rank: 185191
31 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 4149
410 B
1 sniperlog.ru
sync3.sniperlog.ru — Cisco Umbrella Rank: 32357
516 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
277 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 20303
69 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
861 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 2887
44 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
75 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
711 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2486
1003 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2770
1 KB
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5026
233 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 557
191 B
1 6sc.co
t.6sc.co — Cisco Umbrella Rank: 12380
774 B
1
function sub() { [native code] }.
64 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
265 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
706 B
1 1shorten.com
1shorten.com
129 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
36 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181
24 KB
464 67
Domain Requested by
48 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
uuid
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
anhdep24.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
cdn.ampproject.org
47 pagead2.googlesyndication.com securepubads.g.doubleclick.net
anhdep24.com
tpc.googlesyndication.com
uuid
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
googleads.g.doubleclick.net
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
www.googletagservices.com
29 cm.g.doubleclick.net 9 redirects anhdep24.com
googleads.g.doubleclick.net
uuid
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
22 ib.adnxs.com 6 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
22 eus.rubiconproject.com anhdep24.com
eus.rubiconproject.com
stpd.cloud
cache.betweendigital.com
18 securepubads.g.doubleclick.net anhdep24.com
securepubads.g.doubleclick.net
www.googletagservices.com
15 prebid-stag.setupad.net stpd.cloud
anhdep24.com
14 ads.betweendigital.com 1 redirects stpd.cloud
ads.betweendigital.com
12 gum.criteo.com 6 redirects static.criteo.net
12 www.google.com tpc.googlesyndication.com
uuid
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
anhdep24.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
11 cdn.ampproject.org securepubads.g.doubleclick.net
11 s0.2mdn.net uuid
www.google.com
s0.2mdn.net
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
11 mug.criteo.com anhdep24.com
10 static.criteo.net stpd.cloud
static.criteo.net
10 adx.adform.net stpd.cloud
10 script.4dex.io stpd.cloud
script.4dex.io
8 pixel.rubiconproject.com 1 redirects anhdep24.com
stpd.cloud
8 www.googletagservices.com anhdep24.com
uuid
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
6 x.bidswitch.net 6 redirects
6 googleads4.g.doubleclick.net uuid
www.google.com
6 secure-assets.rubiconproject.com 6 redirects
6 id5-sync.com stpd.cloud
6 adservice.google.com securepubads.g.doubleclick.net
6 adservice.google.de securepubads.g.doubleclick.net
6 anhdep24.com 1 redirects www.google.com
anhdep24.com
5 biddr.brealtime.com stpd.cloud
5 acdn.adnxs.com stpd.cloud
5 u.openx.net stpd.cloud
5 node.setupad.com anhdep24.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
www.google.com
uuid
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
5 cs.emxdgt.com stpd.cloud
5 rtb.openx.net anhdep24.com
stpd.cloud
5 token.rubiconproject.com 5 redirects
5 cm.adform.net anhdep24.com
stpd.cloud
5 prebid.a-mo.net stpd.cloud
5 hb.emxdgt.com stpd.cloud
5 mp.4dex.io stpd.cloud
5 setupad-d.openx.net stpd.cloud
5 bidder.criteo.com stpd.cloud
5 fastlane.rubiconproject.com stpd.cloud
5 prebid-eu.creativecdn.com stpd.cloud
5 stpd.cloud www.google.com
5 fonts.gstatic.com fonts.googleapis.com
5 pubads.g.doubleclick.net anhdep24.com
4 sync.bumlam.com 4 redirects
4 pool.admedo.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
3 px.adhigh.net 3 redirects
3 onetag-sys.com 1 redirects 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
cache.betweendigital.com
3 eb2.3lift.com 2 redirects
3 s.amazon-adsystem.com 2 redirects anhdep24.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 fonts.googleapis.com anhdep24.com
securepubads.g.doubleclick.net
2 an.yandex.ru 1 redirects
2 www.tns-counter.ru 1 redirects
2 x01.aidata.io 2 redirects
2 sync3.adsniper.ru 2 redirects
2 pixel.advertising.com 2 redirects
2 pm.w55c.net 2 redirects
2 c1.adform.net 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ads.yahoo.com anhdep24.com
googleads.g.doubleclick.net
2 pixel-eu.rubiconproject.com eus.rubiconproject.com
2 www.google-analytics.com www.googletagmanager.com
anhdep24.com
2 i.imgur.com anhdep24.com
2 link1s.com 1 redirects anhdep24.com
1 t.adx.opera.com
1 sync3.sniperlog.ru
1 cache.betweendigital.com ads.betweendigital.com
1 ap.lijit.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 ups.analytics.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cc.adingo.jp 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 sync.inmobi.com 1 redirects
1 a.rfihub.com 1 redirects
1 rtb2-useast.e-volution.ai uuid
1 pixel-sync.sitescout.com uuid
1 t.6sc.co uuid
1 uuid securepubads.g.doubleclick.net
1 158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 match.adsrvr.org anhdep24.com
1 px.ads.linkedin.com anhdep24.com
1 ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 1shorten.com anhdep24.com
1 www.googletagmanager.com anhdep24.com
1 stackpath.bootstrapcdn.com anhdep24.com
0 sync.adaptv.advertising.com Failed 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
464 97

This site contains links to these domains. Also see Links.

Domain
link1s.com
note1s.com
1shorten.com
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
anhdep24.com
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
link1s.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
1shorten.com
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.a-mo.net
R3		 2022-02-18 -
2022-05-19		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.6sc.co
DigiCert SHA2 Secure Server CA		 2022-01-16 -
2023-01-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
node.setupad.com
R3		 2022-03-02 -
2022-05-31		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-07 -
2022-03-30		 2 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh

This page contains 79 frames:

Primary Page: https://anhdep24.com/
Frame ID: A85F705E8074900B73D3E45C6871E2A6
Requests: 30 HTTP requests in this frame

Frame: https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce
Frame ID: 3EFD379C43B3B8DEAB97BE7EC132EC8E
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 42C6D79820DD128ADF12047161FB3D5D
Requests: 34 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: D6DC778B7573D6D053D5ADCF71E43F05
Requests: 32 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 32CBE8D31CC2B628D7BE76671017FCEA
Requests: 32 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: A1034236163DC8561645B21EDE896667
Requests: 32 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 1D0C50BB83634933A2779A8BD6F81610
Requests: 32 HTTP requests in this frame

Frame: https://ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A5F68DB6080F33D203F42FB1B28D3F4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 0CDA04B021202F2C9A75A0CE78DBFBE7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 97CAD779759F1686D3398E63883BB158
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 27C2B5EE83C71CA9A8D35D776D67F3D9
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: A168271F7A143A3D9C8DEAB11F49EA82
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: B56C76429162F69025EF3B973BA9C082
Requests: 2 HTTP requests in this frame

Frame: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 8B1BA5FF058426D5C4ADE5EE84DB0932
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: A214F56B0A454C5152A3DE4E1D4B48EB
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: E1EF5A3FA1FE67BE221F5FF1F3163C55
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 7E466567849D0ECFAD20EB1CBD59ED64
Requests: 1 HTTP requests in this frame

Frame: https://91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 409DDF750609921EF88977E07DC1FFBE
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 1A2F0307B0841233299BCCBBCD8079FA
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: FBBDB8AB640FF37D7B430ED219C3D050
Requests: 1 HTTP requests in this frame

Frame: https://158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 359F681004F9F7DE7592F34A11886362
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1D8B31F865CB413C72FC07B00CFA7D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CBE62BD215435D4D6C68F505ABBE9AE8
Requests: 2 HTTP requests in this frame

Frame: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: FD06B43D221E14B7B0917582EDB5EE02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DC303DFB5733874FDC1935D8D9AEA24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB91AF1051881E97965D94BFC86A4E4A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B440FB54953A6D2700C970FD85D8E62B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD3EA45AA0DAC201D31BA849DE80E53E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A5769D16810A0ACEDAB434EDA731B6C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E06C1A6F10D7E0DCBAFF8301B5BBD959
Requests: 2 HTTP requests in this frame

Frame: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 510E4A4FB0F01E285D11628AE910BB3C
Requests: 14 HTTP requests in this frame

Frame: urn://uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Frame ID: 6334BBFFBC8162F5A221556FDB866628
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Frame ID: 11A7E5CC9C8098A697CD804872772181
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00555F310C4D0CD892677D8640968CC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE198B0DD92B674580C9F7F48196C51A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Frame ID: 3790AFC4E3089B000C697F5673DDBAA6
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 2BBD7D4E753F08F47BA82638A693AED7
Requests: 19 HTTP requests in this frame

Frame: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 5409A56C2A794D6090332A783CCC8741
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 6D822F17CC74C2A097DA4C9C454B6FD9
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCDB8BF4AC3D04646E46576B2DBDC91F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 857DC8A865E888A25047187D7A8145E6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNU7uF8SYVXYN8_2W9Jd3qUwl56_KY6TRbfsahbWuS36qJ3ITPgyP9RshP9asZ7kbFQ7_PPw1lE4Sz7AxcVp8JM6QLUc-loBTdwkJZ3m4b5hiqKbca2pfGb59nlidrlsTtr_rIlZt0wRP9uYhpTtXLgr2YQwzvo0pqsav8omVpjuEZHT7U7G2ApXaouqCkF_qZ13Up-B3k875tCFrjnsp9gcwyPkbA
Frame ID: B565925D5FB8648982B7D7C1102A39DA
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Frame ID: D9572D49EC4A91685E643BF650145837
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E746E45D853AD1211F8865825A0C0BBE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4594225E49FAFAA1F3CB80E306E4ACB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Frame ID: 3DAAB333320142F323747DB52E9206E3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3114E7AEA0E397F1F0A7AEC2E7642CA6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB5F880E9DB8E8B1DC9C1CC2F73E95D2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C6766449EAE96A1A370593F3D2FD718
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 513FC773C0525E12D4FE996912C09629
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anhdep24.com
Frame ID: BBDFAA9B316A7B3A1B923AE3A8AF9EFF
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 42E7FDEA0B1A8892C52DE94CDE20323E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AB77CEB640B39589E0E13A8A938FAB29
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: A36569DDB97148CD9B905765A2FEFC4A
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C3A0F318B5FD03BD051DD3C928B4CB2
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 89D2666B7ECA60075CF1B21175EE861B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 778E18C4884B0CD9C1348CFC259BAEE0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DA9BA89F605DA18B2D6C789AF2746AA1
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: C0060460F5E446F7B296733B9089C276
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 12C6C3AB004E0259121785DC832787A7
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1B3397C87073F933328F3B1EF6C84E75
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F03115BAE74FAB57E54B3099CE8D8CF7
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9DB88419CA78E46D3FCACBA480FD7FF5
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: AA94094308EB0F696CA36139CBDFF440
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 34478AB9F1C6D5AD842649F30B62F9B0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B31164F4683A69DDE366A7D7C5BF0DFD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 45D30325F827BA5148958853D11BF38F
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: EAB7ABC996361389286BCF5B399BE8A1
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 9C514E07B3354B6DDFB9BAD669CB20D5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8104CD39E7400F16E1FE2B67414C27C8
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 52F1C35E8D3E92CA431DF853DA5A4456
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DF484A58FF8BA290E5A825876189BA14
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 29C93C5B6C73B28FAEB60604B2F8636A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C3DE440065F12EE51E663D816EC82692
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5CE183741D707711B86F4BF543251D33
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0A1CD733725B3591BC855FA8796122B6
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&CACHEBUSTER=869785
Frame ID: 70558217783D04ED9A2D14003D5A9655
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 35FB024D8F933783CEADC115F1BB7BE4
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: CC1EA8E3D1B3105E9DD0296C3AC10ECC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anh Dep 24 - Share technology and tutorials

Page URL History Show full URLs

  1. https://link1s.com/VCI5R HTTP 302
    https://anhdep24.com/verifylv1/?VCI5R HTTP 307
    https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhV... Page URL
  2. https://anhdep24.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

464
Requests

89 %
HTTPS

32 %
IPv6

67
Domains

97
Subdomains

69
IPs

15
Countries

6407 kB
Transfer

13864 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link1s.com/VCI5R HTTP 302
    https://anhdep24.com/verifylv1/?VCI5R HTTP 307
    https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp Page URL
  2. https://anhdep24.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://link1s.com/VCI5R HTTP 302
  • https://anhdep24.com/verifylv1/?VCI5R HTTP 307
  • https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Request Chain 35
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=y9OjI3xJOWF2R2FCK2FSMDNKSVFxNTFGTFE0emVUVDdTNmlMS0pYaFVNNnhhMlp4T0p5ZzRlRmNLeEFZd2hFOVVRb2ZKbTB6dXZMdEh5WmU1RmdGRmJEb0UxZjNGL2xjMDRIck1zMkxxVUcwN2dsRmFvM2RMRU5aeGtuVHdvaFV4MS9RWnh3b05kTy9yRGtrQnRGYUprVC9pKzA4alNPVGZUUmZHVjJvOHM3UE4yclRBN3U4cDVmYW5WK2w2WllkZFZhblo5cGoyZlZuUjJyRG9teTZiMDZkd2pjYTNPdG1rMXhscHNZS2trTGs2empVPXw&cppv=2
Request Chain 38
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 41
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pQTW5XxaVkJEdTgvQVNUcDZ6VHVPenc5WG12VER2bnRvTEt1L2d4YWFIbkRGcERRMXlhZXBURWFNeW96bDQ2N0VQMmhDbFFPUHVOK05JNEtIRGd6UjdybEZtZlJBblRUZUZOYjB3VmNJUnFkZUNRM3ZUWXpXeU1UYmcwOW5hNG9CbmpqUnVNRExJSWpxdVVHWEVTb3N0ZzRPdEsyYTRJckovSC9xOG9ob0huSEpPcEM3S1RmTk5JeC9kdyt1QTd6UlVMSDJuUzdMU25Ld2JFeHZSamx2NFBHY1JIdEJBNE1sbjg1RTIvWDE5bkZabWljPXw&cppv=2
Request Chain 44
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 47
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lZrHknw3NXBKbWZuaE93b1lpYTdUa0tIRWV4K05IYlljMVo5KzhnT21CbG81WFhkTTlXU0o3U01FSFhGMUZEa29DSXFOa3J0aEZJQ09udXZna1RFMjFqaytxZmxLK3R3RlBGZTZRcHFYNmVGQVZ2VjNpKytBcHdTZ0xGNkpyYWlOWDVaNVF4RUNyWWU4a0t0QmwvNTRBaGlqZC80eFcrWUpJaXlhaHUxWWtvV3NmV1RVQnhIYXp3djJFeXg1L0FoZEUzWVhkcDFnZnEyOGw0TlIxWnltT012RXFoZ01PMUFSY0ZvTGtzSEZqcHY1UU9vPXw&cppv=2
Request Chain 50
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 53
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=orhQenxVbjFSRHpJTDAvZUsyQ0duYnEzbitUamM4WDNIY3JWWFhnMk1GbmxjVm5LTS85VTc0QzFSY1kwb0xPeG5BcWE2VUhWQTlJR2hwTFRpUk9tMUczbUEreDRMVWZ2dTJ2TVZXV1hiUFBtTFhRd1R5SU9oRHZRcVlmMlVzRVFqNFlWWVU2dFVqSkhndFA0cmRhMUZ0S3ZIa2Z4N3NMeDZmY21xTVlHRE5mY0kwUXpHcWs5S3FpbVd4VGFvZEl6d21maURtZU93YmY0Z2JUNlJxSmJjNzZvR0pnZHNmcmozM1JHcEU5Wm8wMUxkdjhnPXw&cppv=2
Request Chain 56
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 59
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IV8Pa3xIMm8yQ2lZMk93RzhHQlQ1bWxacWV1V2VGV3l1czNQSzdmMGwyeFZYRHI1czN2bkFrRWdhMGx1U2I1Z3dYYlU1VUpFMWhNVk4yZDBRdVoyQmIwZms3dDZoS3pxYll0MVhycXlWK3p2cWxQNlNVSXVaTFhWNkhjQUpHRHZpODBFbDVrSStrcG9Dbm91L1ppc1NUU3QweEdTUi9xT3l6UCtFN3RnOHovS1FmYjgyays2dFNzeWxhYmxGa0dhSklTLzZzVHJGYmhldVIzMHJxQ2pCRnExcWYxYVlxZUsrVzE5NW9lNEpaeHVwRk9RPXw&cppv=2
Request Chain 62
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 160
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0XUFQOX-D-8HHD&sigv=1&esig=2~729293847b9babfdf428df75f36f3d3da97564dd
Request Chain 161
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0XUFQOX-D-8HHD
Request Chain 162
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBYVUZRT1gtRC04SEhE
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABVwS8xp_2b0XUJ75caoes&google_cver=1
Request Chain 164
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTJjNmIzNDRjNDMxMmMwYzYzNzk0NDVjMmY4OWJlOGExNjRjZjhhMg
Request Chain 165
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MZUAUwTdLRloamRtesn5og?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4101895431885435614
Request Chain 167
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3Vhb0eyqSoyZ7fqNshotdw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Vhb0eyqSoyZ7fqNshotdw
Request Chain 168
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Request Chain 169
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Request Chain 170
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Request Chain 171
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Request Chain 172
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1&C=1
Request Chain 254
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjXQgaa62BdQhslHslBx5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJPnxd3EbTj_j4cCIufYPDE&google_cver=1
Request Chain 256
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzcyNzQ1MTAxOTYwMDQ3Ng%3D%3D
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHKiL7qTbHhkttWySutU-i8&google_cver=1
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB6EC8HfVk_dVhzU1q2CNmg&google_cver=1
Request Chain 323
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENvwUHY6DkhUVu7bXmzsqC4&google_cver=1&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqEctLcw8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqEctLcw8w&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
Request Chain 324
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPcnadHPyXF09Ns0IXB7Ixg&google_cver=1&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPcnadHPyXF09Ns0IXB7Ixg&google_cver=1&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw
Request Chain 325
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO-5VRgNZ4flQHrUHDtJBcw&google_cver=1&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk&google_gid=CAESEO-5VRgNZ4flQHrUHDtJBcw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODg5ODU3NTQ0NTE3Mjk1MTMwODEx&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk
Request Chain 327
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJPA0tztMP6kqOMML4l-Ukc&google_cver=1&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj89EP85cjI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj89EP85cjI&google_hm=Njg0NDU1NTM3ODQ4MTM1NDMxNA==
Request Chain 328
  • https://sync.inmobi.com/gob?google_gid=CAESEAhm9SVJnCA8qgILQ_bGfkQ&google_cver=1&google_push=AYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwdMFnBx2uTS6Zn-c_JtCp-rhvMrbYCZZfsJQQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwdMFnBx2uTS6Zn-c_JtCp-rhvMrbYCZZfsJQQ&gdpr_consent=&gdpr=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1&__user_check__=1&sync_id=83d247e2-a782-11ec-af66-1024185a0406
Request Chain 333
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=83ce432d-a782-11ec-bec5-180e33a50106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODNkMjQ3YTMtYTc4Mi0xMWVjLWFmNjYtMTAyNDE4NWEwNDA2
Request Chain 351
  • https://um.simpli.fi/gp_match?google_gid=CAESEGaB1IQzDVXgdMiivRK-gwI&google_cver=1&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpWtGYcSGHkqCx0XEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=064D7305A3914CA283E387B9F6083E8B&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpWtGYcSGHkqCx0XEA
Request Chain 352
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOwI5RCfUz7vOasPm6IfMUE&google_cver=1&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8Mnoo0ElcI_IKGl7Uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8Mnoo0ElcI_IKGl7Uw
Request Chain 354
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEITFfddgM_1bVvfWIXIw6OQ&google_cver=1&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrYDCWIBjAcv89iLX1I_5krHQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEITFfddgM_1bVvfWIXIw6OQ&google_cver=1&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrYDCWIBjAcv89iLX1I_5krHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1OTgyMjgzNDUyNzE4MjY1NA&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrYDCWIBjAcv89iLX1I_5krHQ
Request Chain 357
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELpe4yU2FhkyLuX3oD1a8RU&google_cver=1&google_push=AYg5qPKpwn-D29Qk7IG_PlNJTrRJHW1jI7lo6aUziG-qdFnewhrQRMEIldw71-SEoM4ezV_hTHCEAbos0JuNXO0DXUCTmKHprXCz4OI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKpwn-D29Qk7IG_PlNJTrRJHW1jI7lo6aUziG-qdFnewhrQRMEIldw71-SEoM4ezV_hTHCEAbos0JuNXO0DXUCTmKHprXCz4OI HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 373
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF82RkacfIR04EdOBUu4HJB2xeMqO1IRCLonq4q-Qz2ULh4xGH8jq5w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF82RkacfIR04EdOBUu4HJB2xeMqO1IRCLonq4q-Qz2ULh4xGH8jq5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWZTY1loeXMxTnZ5c1c1&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF82RkacfIR04EdOBUu4HJB2xeMqO1IRCLonq4q-Qz2ULh4xGH8jq5w
Request Chain 374
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_zoOvZIML1xVYAPYEiO5A&google_cver=1&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK7neS4b8tso1Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK7neS4b8tso1Z
Request Chain 375
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOwI5RCfUz7vOasPm6IfMUE&google_cver=1&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ctl6evQX01Do6MU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ctl6evQX01Do6MU
Request Chain 376
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESED3K17wXjNX0q7EXy1H07co&google_cver=1&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESED3K17wXjNX0q7EXy1H07co&google_cver=1&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&google_hm=hhS3tiBQ4N4AAikABlF_ojZ9zQ%3D%3D
Request Chain 377
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENvwUHY6DkhUVu7bXmzsqC4&google_cver=1&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYEqFbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYEqFbI&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
Request Chain 378
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw&apid=UP84037a4d-a782-11ec-a67b-02dd3cd414ae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NDAzN2E0ZC1hNzgyLTExZWMtYTY3Yi0wMmRkM2NkNDE0YWU%3D&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw
Request Chain 414
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=anhdep24.com&sn=ChromeSyncframe&so=3&topUrl=anhdep24.com&bundle=FQcYYV9zMk5MRGpFb1R2cGZaNFZRVklVanlTRlhhblNlQ1FBc3FxWU10Tm5PdmVSV0drRW9wQjlKTGRZWnVDY2JDaDNIRlU5SzU0cHRUdnJrd0h0cHFRNDRmUDBJTW81RTRtWXpucU42Uzg3cUlkMW1Mb015SzJOYVduTmNNQWclMkIwYVBQ&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IaCqEnxpcnVXWU5ia1FaamVkTXVieTFYRjcvbWJldFoyeHBPTUNTR0RyNFpYV00vckoxT3RGSEFHREY3UmQ0ZW5WY21CM0N3UmdrOWNlYUpYMnJ6WDRXaDFQK1hGczhkWFBQSFRHbTBUc3BzOGIwTlNqRm5zSEE2OWJINWtYaXdOU1hpak1mWno0NFVlNG5McldhQms1NW9wc2k2Q3hJVjRvcU1lNGlzR1BvTkdPRHp4aHZ2VFplSW5JYUhycmxMemRSU2tRSjdFMW9MU2tLT1hKSGFiMmt1NlByWjhySzRUTFdDckE3TlBTWFEzZE9NUmcremdQMDlNMVZjUEovZHdGNVJiKzZkSlNaVXcrcmpqS3BmVlRKSjEzM1pUb3J0czlVcG1ZaStTUDFHTW10Zz18&cppv=2
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cbc1a2a9-ddb8-4d6a-8a27-9736f59eb9fa&user_group=1&ssp=between&bsw_param=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Request Chain 445
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uxalPjpSU9SG.AikABlF_ojZ9zQ
Request Chain 455
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cbc1a2a9-ddb8-4d6a-8a27-9736f59eb9fa&user_group=1&ssp=between&bsw_param=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Request Chain 456
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiFodeRBlIFl4XSlAY* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiFodeRBlIFl4XSlAaiARCFnOkip4IR7KbpACWQyCQ3 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiFodeRBqIBEIWc6SKnghHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiFodeRBqIBEIWc6SKnghHspukAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=859ce922-a782-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=859ce922-a782-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=5To2QttF1FDiDlWwE3Dwhg& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata&google_gid=CAESELcbLb3TyDknahZ01XtAhHw&google_cver=1
Request Chain 462
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 465
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785
Request Chain 466
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&expires=60 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 468
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F7662cf78-ab1c-514e-b2e9-b01fd0dc609f HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f?redir-setuniq=1

464 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url
www.google.com/
Redirect Chain
  • https://link1s.com/VCI5R
  • https://anhdep24.com/verifylv1/?VCI5R
  • https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
916 B
1017 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Mar 2022 12:45:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
466
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date
Sat, 19 Mar 2022 12:45:50 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
location
https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
server
fbs
x-hw
1647693949.cds261.fr8.hn,1647693949.cds288.fr8.sc,1647693950.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1647693950.cds288.fr8.p
access-control-allow-origin
*
Primary Request /
anhdep24.com/ 		85 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anhdep24.com/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
f33e4b654e414d69b018c6ba88ffde78e0da026cba900ae3eff00f4332cd4b8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-ua-compatible
IE=edge
link
<https://anhdep24.com/wp-json/>; rel="https://api.w.org/"
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
server
fbs
x-hw
1647693950.cds261.fr8.hn,1647693950.cds276.fr8.sc,1647693951.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1647693951.cds276.fr8.p
access-control-allow-origin
*
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
28192855
cdn-cachedat
2021-04-27 00:54:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
40f396f082db82f66ae0f5a867b80b56
cf-ray
6ee64ebe0fc223f7-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 12:40:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 12:45:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 12:45:51 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129758818-12
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e828f77de3b52767d0e2b02fe64059ea637f102133c5e84ee4b1596e99a3c02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36791
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Mar 2022 12:45:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0720b994508a4b42921948e4cfb5df3df04bd62334f240274ff15e37624a640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27857
x-xss-protection
0
server
sffe
etag
"1162 / 579 of 1000 / last-modified: 1647641058"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:51 GMT
logo1s.png
link1s.com/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://link1s.com/logo1s.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 28 Feb 2021 03:13:41 GMT
server
fbs
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1647693951.cds207.fr8.hn,1647693951.cds108.fr8.c
content-type
image/png
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30338
etag
"603b0a65-7682"
vyl1msc.gif
i.imgur.com/ 		621 KB
622 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/vyl1msc.gif
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e71e1c2805931c552d9bea70ee881ab61d9baca7fecbd841aef350069ca085ac
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
x-content-type-options
nosniff
age
284772
x-cache
HIT, HIT
content-length
636112
x-served-by
cache-iad-kiad7000176-IAD, cache-fra19174-FRA
last-modified
Mon, 28 Feb 2022 03:37:54 GMT
server
cat factory 1.0
x-timer
S1647693952.744835,VS0,VE2
etag
"070ebece8bfd63bd057c0540b3ac3b4e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
160x600.png
1shorten.com/img/refbanner/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1shorten.com/img/refbanner/160x600.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
c0a07e246580ede6e5f40f6f3a6f528b41789f8f450ee167c667f8785511b6ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Nov 2020 14:50:17 GMT
server
fbs
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1647693951.cds120.fr8.hn,1647693951.cds280.fr8.c
content-type
image/png
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-length
131861
etag
"5f9ecb29-20315"
l1Zbjfw.png
i.imgur.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/l1Zbjfw.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f6bd2756152577c9beb461baadeb2ae39a0e101e4890c7e5c0c0814c34c32de7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
x-content-type-options
nosniff
age
282312
x-cache
HIT, HIT
content-length
52499
x-served-by
cache-iad-kjyo7100092-IAD, cache-fra19174-FRA
last-modified
Sun, 06 Mar 2022 22:52:28 GMT
server
cat factory 1.0
x-timer
S1647693952.744884,VS0,VE1
etag
"cf6dcb1eb38fe68de18507d062e332de"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1209
adx
pubads.g.doubleclick.net/gampad/ 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22558101590/anhdep24.com_970x90_anchor_DFP&sz=970x90%7C728x90%7C320x100&t=Placement_type%3Dserving&1647693951727
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
68f96e81408856521e0cc8a6cae76b68111ef7d701b9cce7babbbd2c07b6d8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12943
x-xss-protection
0
google-lineitem-id
5937249026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385211646
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
anhdep24.com/sbbi/ Frame 3EFD 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce&sbbgs=h43d0978e952a7df2037d1667581d893d264&ddl=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
4f1fc0f98ddd08960543d7ef904200c1631406aa708d0968276b0f5200aa8f29

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1647693951.cds261.fr8.hn,1647693951.cds001.fr8.sc,1647693951.cdn2-redis01-fra1.stackpath.systems.-.i,1647693951.cds001.fr8.p
access-control-allow-origin
*
/
anhdep24.com/sbbi/ 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anhdep24.com/sbbi/?sbbpg=utMedia&vii=8h24331d60c9e728cec925f2daa70d7f92a093772df1863637e5a8c1fd38b953rdn2r6o4
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Sat, 19 Mar 2022 12:45:51 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1647693951.cds261.fr8.hn,1647693951.cds158.fr8.sc,1647693951.cdn2-wafbe03-fra1.stackpath.systems.-.i,1647693951.cds158.fr8.p
content-type
image/gif
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anhdep24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:45:44 GMT
x-content-type-options
nosniff
age
309607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:06:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:45:44 GMT
adx
pubads.g.doubleclick.net/gampad/ 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22558101590/anhdep24.com_728x90_leaderboard_DFP&sz=728x90%7C300x250&t=Placement_type%3Dserving&1647693951741
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
060ac49f3c5f6cda4d5873537db897ee93e830013cef08d02c80843886615791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
google-lineitem-id
5937271364
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385141679
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v28/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anhdep24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 23:01:28 GMT
x-content-type-options
nosniff
age
308663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 23:01:28 GMT
adx
pubads.g.doubleclick.net/gampad/ 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22558101590/anhdep24.com_728x90_leaderboard_DFP&sz=728x90%7C300x250&t=Placement_type%3Dserving&1647693951752
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
060ac49f3c5f6cda4d5873537db897ee93e830013cef08d02c80843886615791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
google-lineitem-id
5937271364
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385141712
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pubads.g.doubleclick.net/gampad/ 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22558101590/anhdep24.com_300x600_sidebar_sticky_desktop_DFP&sz=300x600&t=Placement_type%3Dserving&1647693951766
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
52d310c721b75b299ede4773167a2c0752533c98ebd3d07193aa45b8af408d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12942
x-xss-protection
0
google-lineitem-id
5935356906
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385673449
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pubads.g.doubleclick.net/gampad/ 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22558101590/anhdep24.com_728x90_leaderboard_DFP&sz=728x90%7C300x250&t=Placement_type%3Dserving&1647693951777
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
060ac49f3c5f6cda4d5873537db897ee93e830013cef08d02c80843886615791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
google-lineitem-id
5937271364
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385671868
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v28/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7e497b5072fd3b9282efb51fc006abf812732e576f7ee8643829f02ff5077f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anhdep24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 23:40:15 GMT
x-content-type-options
nosniff
age
306336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7196
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 23:40:15 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 12:37:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		92 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=anhdep24.com
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ee48cd0fbc2ecdb2a4961fc69fc449c1a2bd316ae0b6e8dea97a32084f3ae222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86
x-xss-protection
0
expires
Sat, 19 Mar 2022 12:45:51 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2465
date
Sat, 19 Mar 2022 12:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 19 Mar 2022 14:04:46 GMT
stpd220112.js
stpd.cloud/assets/postbid/ Frame 42C6 		478 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bDGrZ1LqinsbttFnOfc0iQ==
age
976
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 12:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3JIyodCoORFxxADAdys9NEbp9kE2xT19vAE5VWSKXwrHmocADgZ0ytLiPa5%2Bo4EXhdusq1gs4Esu%2FBfx2TOe1XottC1JZ3yKTxNSgldRo%2FOCtX2R3upMKb%2BltgfrUlCF5Yi4Rv%2FMSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b48752d-c01e-0013-68c3-3adb9b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ee64ec08bce021d-ZRH
stpd220112.js
stpd.cloud/assets/postbid/ Frame D6DC 		478 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bDGrZ1LqinsbttFnOfc0iQ==
age
976
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 12:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DtzcQsAvTBBXUQwxrL71R2ShyV7f14pr41nbMvK1%2BBOGcbhjeHekmwS93AjMgkuS2h5zq7NGxruFY5ez68fY%2BzfFNxpkBuGQpkDTM7gbwLw9RA%2BsEtR6J68TRlywO33azJfbPCJM64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b48752d-c01e-0013-68c3-3adb9b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ee64ec08bd2021d-ZRH
stpd220112.js
stpd.cloud/assets/postbid/ Frame 32CB 		478 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bDGrZ1LqinsbttFnOfc0iQ==
age
976
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 12:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luny8N418CLsVd1tyzb7Wqt6xzOiZbxThEAy3YMwcKOknsFPSOAsQqdN2YbhxMHOZ63cfV3TBq5Q4qYJ9Rtn2lciyHSbDY4cyhbkVY2jkSh%2FjdSfEWcIaxhgviy1IitW3ycT%2BSziDpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b48752d-c01e-0013-68c3-3adb9b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ee64ec09bd5021d-ZRH
stpd220112.js
stpd.cloud/assets/postbid/ Frame A103 		478 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bDGrZ1LqinsbttFnOfc0iQ==
age
976
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 12:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vxj3IkCUuu9hb7hPUUmkVBOXgupaj%2Bj9R3Nu98wjM9DBmfXlVhnmkR%2BTKVxPweZE8%2F2s6icY6LZ8t6Vya8LmK8uJ0D%2FnJe%2FfH2Zvgw6E43ydR7VWSkGIfKx19gkQm3zKWjKqQPkSksg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b48752d-c01e-0013-68c3-3adb9b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ee64ec09bd8021d-ZRH
stpd220112.js
stpd.cloud/assets/postbid/ Frame 1D0C 		478 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bDGrZ1LqinsbttFnOfc0iQ==
age
976
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 12:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QNg9Jw4CSSai0o%2FElDYSg8ZMo7A92LpBuoGAGCQlbIkc09Yyuv2hE3lE84apKnSC4P8Npsk6JbiDgeu%2B3WkNATGnpcb7Zz%2FFmoqNIVDM8gnRVKz8pDGLzJnnWfwIRnteKDFXWwgZGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b48752d-c01e-0013-68c3-3adb9b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ee64ec09bdc021d-ZRH
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		960 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2103073919475594&correlator=904718738020196&eid=31065485%2C31064018&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2161680503&sfv=1-0-38&ecs=20220319&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1647693952198&lmt=1647693952&dlt=1647693951623&idt=544&biw=1600&bih=1200&adxs=-9&adys=-9&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fanhdep24.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=352553347.1647693952&ga_sid=1647693952&ga_hid=651680926&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9163ab146c3bbc43bab36ec4b5af7ac4dd308aef22b0ae79385aea3878e9d0fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A5F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Mar 2022 12:45:52 GMT
expires
Sun, 19 Mar 2023 12:45:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022031401.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
08df2978062ef1be1c6237860067c31b5e32c94d01a8b8d4af6d5a4b523e4840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 18:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Mar 2023 18:11:55 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=651680926&t=pageview&_s=1&dl=https%3A%2F%2Fanhdep24.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Anh%20Dep%2024%20-%20Share%20technology%20and%20tutorials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2105773027&gjid=1160284623&cid=352553347.1647693952&tid=UA-129758818-12&_gid=1466469366.1647693952&_r=1&gtm=2ou3e0&z=1297704292
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://anhdep24.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1711
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 32CB 		483 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1814
content-type
application/javascript
x-amz-request-id
tx0d309849e7dd4b7e9123a-006230a0ad
x-amz-id-2
tx0d309849e7dd4b7e9123a-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYoc5nNsAOAxAUCBrkoGWO6OPdRbNsUdfE8Kw8o1%2B5TwettXI4j9aA0ZH7GbniXni%2Ff41ft4f1i7L2vSWG7QFIHpXCm70EXmydhR%2BFZUabr6eMVJfr9%2FoBCx%2FcdH40HjGNxhyVB767MwsvGM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647354020753810
cache-control
public, max-age=1800
cf-ray
6ee64ec27db35a2b-MXP
expires
Sat, 19 Mar 2022 13:15:52 GMT
sid
mug.criteo.com/ Frame 32CB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=y9OjI3xJOWF2R2FCK2FSMDNKSVFxNTFGTFE0emVUVDdTNmlMS0pYaFVNNnhhMlp4T0p5ZzRlRmNLeEFZd2hFOVVRb2ZKbTB6dXZMdEh5WmU1RmdGRmJEb0UxZjNGL2xjMDRIck1zMkxxVUcwN2dsRmFvM2RMRU5aeGtuVH...
345 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y9OjI3xJOWF2R2FCK2FSMDNKSVFxNTFGTFE0emVUVDdTNmlMS0pYaFVNNnhhMlp4T0p5ZzRlRmNLeEFZd2hFOVVRb2ZKbTB6dXZMdEh5WmU1RmdGRmJEb0UxZjNGL2xjMDRIck1zMkxxVUcwN2dsRmFvM2RMRU5aeGtuVHdvaFV4MS9RWnh3b05kTy9yRGtrQnRGYUprVC9pKzA4alNPVGZUUmZHVjJvOHM3UE4yclRBN3U4cDVmYW5WK2w2WllkZFZhblo5cGoyZlZuUjJyRG9teTZiMDZkd2pjYTNPdG1rMXhscHNZS2trTGs2empVPXw&cppv=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
74cde492a5fe769328da9889a4711d5ee6b53c8152247650749b5df1fd0dc2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3005
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:51 GMT
location
https://mug.criteo.com/sid?cpp=y9OjI3xJOWF2R2FCK2FSMDNKSVFxNTFGTFE0emVUVDdTNmlMS0pYaFVNNnhhMlp4T0p5ZzRlRmNLeEFZd2hFOVVRb2ZKbTB6dXZMdEh5WmU1RmdGRmJEb0UxZjNGL2xjMDRIck1zMkxxVUcwN2dsRmFvM2RMRU5aeGtuVHdvaFV4MS9RWnh3b05kTy9yRGtrQnRGYUprVC9pKzA4alNPVGZUUmZHVjJvOHM3UE4yclRBN3U4cDVmYW5WK2w2WllkZFZhblo5cGoyZlZuUjJyRG9teTZiMDZkd2pjYTNPdG1rMXhscHNZS2trTGs2empVPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2008
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame 32CB 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
c0a57459dbef158b23ad3256f2b6b8a259a62d6c8bc7b20bfd1f35af69367eda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anhdep24.com
Date
Sat, 19 Mar 2022 12:45:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 32CB 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7600433acd091184da962ed409c9748e1c2bf72d56c59a284a10a77ba3e883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27979
x-xss-protection
0
server
sffe
etag
"1162 / 185 of 1000 / last-modified: 1647641112"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:52 GMT
usync.html
eus.rubiconproject.com/ Frame 0CDA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://anhdep24.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1370
date
Sat, 19 Mar 2022 12:45:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame A103 		483 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1814
content-type
application/javascript
x-amz-request-id
tx0d309849e7dd4b7e9123a-006230a0ad
x-amz-id-2
tx0d309849e7dd4b7e9123a-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w9Qazj3YlA0J6Iu0pLC5wIeiPhHSI5oRTwlIdNZ42hSNHCCwOWS7XeVpaLon8j9JKrZ4sQYsZgPK4SJqECmIoiIGHqwHJEC%2BKbUvPiImcP%2Fb%2Fw4KnDroH5ixQJW3cZE31bVMXCNVyTBgpST"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647354020753810
cache-control
public, max-age=1800
cf-ray
6ee64ec27dbd5a2b-MXP
expires
Sat, 19 Mar 2022 13:15:52 GMT
sid
mug.criteo.com/ Frame A103
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pQTW5XxaVkJEdTgvQVNUcDZ6VHVPenc5WG12VER2bnRvTEt1L2d4YWFIbkRGcERRMXlhZXBURWFNeW96bDQ2N0VQMmhDbFFPUHVOK05JNEtIRGd6UjdybEZtZlJBblRUZUZOYjB3VmNJUnFkZUNRM3ZUWXpXeU1UYmcwOW...
344 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pQTW5XxaVkJEdTgvQVNUcDZ6VHVPenc5WG12VER2bnRvTEt1L2d4YWFIbkRGcERRMXlhZXBURWFNeW96bDQ2N0VQMmhDbFFPUHVOK05JNEtIRGd6UjdybEZtZlJBblRUZUZOYjB3VmNJUnFkZUNRM3ZUWXpXeU1UYmcwOW5hNG9CbmpqUnVNRExJSWpxdVVHWEVTb3N0ZzRPdEsyYTRJckovSC9xOG9ob0huSEpPcEM3S1RmTk5JeC9kdyt1QTd6UlVMSDJuUzdMU25Ld2JFeHZSamx2NFBHY1JIdEJBNE1sbjg1RTIvWDE5bkZabWljPXw&cppv=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f0c98c713b5c7607c74703455dec4a3ebb11dc2c5d3e6ee53e3e7b9bd43df0eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2563
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
location
https://mug.criteo.com/sid?cpp=pQTW5XxaVkJEdTgvQVNUcDZ6VHVPenc5WG12VER2bnRvTEt1L2d4YWFIbkRGcERRMXlhZXBURWFNeW96bDQ2N0VQMmhDbFFPUHVOK05JNEtIRGd6UjdybEZtZlJBblRUZUZOYjB3VmNJUnFkZUNRM3ZUWXpXeU1UYmcwOW5hNG9CbmpqUnVNRExJSWpxdVVHWEVTb3N0ZzRPdEsyYTRJckovSC9xOG9ob0huSEpPcEM3S1RmTk5JeC9kdyt1QTd6UlVMSDJuUzdMU25Ld2JFeHZSamx2NFBHY1JIdEJBNE1sbjg1RTIvWDE5bkZabWljPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1876
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame A103 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
9f034836810184ae316a3ff4cbec4cfbe241b37a872063e63c3cc9a2bae4d2b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anhdep24.com
Date
Sat, 19 Mar 2022 12:45:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame A103 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8192b4a25481c12969a2c9cea288be00f474ebabb39f5d3a3426aba02adcbe2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27851
x-xss-protection
0
server
sffe
etag
"1162 / 11 of 1000 / last-modified: 1647641058"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:52 GMT
usync.html
eus.rubiconproject.com/ Frame 97CA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://anhdep24.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1471
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 42C6 		483 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1814
content-type
application/javascript
x-amz-request-id
tx0d309849e7dd4b7e9123a-006230a0ad
x-amz-id-2
tx0d309849e7dd4b7e9123a-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lW3IHsatHL3NEnaIlrlBeeibiChh7mzTgJmzIjYWgL8%2BogqUgU9KPUPBPCwjp6r5NhHY3JQJsEKRht7vxiEWGEaOhIb4b1z%2BCLQqTOZGL4%2BJEhTCXwIxCSc8sFhhUQJK%2FTmRZAW0Wvf%2Bs029"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647354020753810
cache-control
public, max-age=1800
cf-ray
6ee64ec27db95a2b-MXP
expires
Sat, 19 Mar 2022 13:15:52 GMT
sid
mug.criteo.com/ Frame 42C6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lZrHknw3NXBKbWZuaE93b1lpYTdUa0tIRWV4K05IYlljMVo5KzhnT21CbG81WFhkTTlXU0o3U01FSFhGMUZEa29DSXFOa3J0aEZJQ09udXZna1RFMjFqaytxZmxLK3R3RlBGZTZRcHFYNmVGQVZ2VjNpKytBcHdTZ0xGNk...
345 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lZrHknw3NXBKbWZuaE93b1lpYTdUa0tIRWV4K05IYlljMVo5KzhnT21CbG81WFhkTTlXU0o3U01FSFhGMUZEa29DSXFOa3J0aEZJQ09udXZna1RFMjFqaytxZmxLK3R3RlBGZTZRcHFYNmVGQVZ2VjNpKytBcHdTZ0xGNkpyYWlOWDVaNVF4RUNyWWU4a0t0QmwvNTRBaGlqZC80eFcrWUpJaXlhaHUxWWtvV3NmV1RVQnhIYXp3djJFeXg1L0FoZEUzWVhkcDFnZnEyOGw0TlIxWnltT012RXFoZ01PMUFSY0ZvTGtzSEZqcHY1UU9vPXw&cppv=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e93b8adb993c15aa79a355833c9f139a100cec2162da823bf432e6559523da9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:51 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2551
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:51 GMT
location
https://mug.criteo.com/sid?cpp=lZrHknw3NXBKbWZuaE93b1lpYTdUa0tIRWV4K05IYlljMVo5KzhnT21CbG81WFhkTTlXU0o3U01FSFhGMUZEa29DSXFOa3J0aEZJQ09udXZna1RFMjFqaytxZmxLK3R3RlBGZTZRcHFYNmVGQVZ2VjNpKytBcHdTZ0xGNkpyYWlOWDVaNVF4RUNyWWU4a0t0QmwvNTRBaGlqZC80eFcrWUpJaXlhaHUxWWtvV3NmV1RVQnhIYXp3djJFeXg1L0FoZEUzWVhkcDFnZnEyOGw0TlIxWnltT012RXFoZ01PMUFSY0ZvTGtzSEZqcHY1UU9vPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2778
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame 42C6 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
334f35d594e84905143665705c5ed7b3cd30d83a2cd34b96eb97e139cb5ff764
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anhdep24.com
Date
Sat, 19 Mar 2022 12:45:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 42C6 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa6780f3226440fe0a1ec6f664da610f31bee7bc3abdc5ffcfc566a311ed63fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
server
sffe
etag
"1162 / 41 of 1000 / last-modified: 1647641058"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:52 GMT
usync.html
eus.rubiconproject.com/ Frame 27C2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://anhdep24.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1545
date
Sat, 19 Mar 2022 12:45:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 1D0C 		483 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1814
content-type
application/javascript
x-amz-request-id
tx0d309849e7dd4b7e9123a-006230a0ad
x-amz-id-2
tx0d309849e7dd4b7e9123a-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwNcsa31bvCfJzhg1NEF8Vao0iJzNGDuLPoDJSJQNjlxNbrccZKycGlnPSKUriteK8Nfm6Rr08z7S9che6Wu3KTCzSq8EPqD2orSKHQyBMShXF7MA8V2ECc5BZPHSohAiTxtaFisxcKqR%2FiT"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647354020753810
cache-control
public, max-age=1800
cf-ray
6ee64ec2ce865a2b-MXP
expires
Sat, 19 Mar 2022 13:15:52 GMT
sid
mug.criteo.com/ Frame 1D0C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=orhQenxVbjFSRHpJTDAvZUsyQ0duYnEzbitUamM4WDNIY3JWWFhnMk1GbmxjVm5LTS85VTc0QzFSY1kwb0xPeG5BcWE2VUhWQTlJR2hwTFRpUk9tMUczbUEreDRMVWZ2dTJ2TVZXV1hiUFBtTFhRd1R5SU9oRHZRcVlmMl...
336 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=orhQenxVbjFSRHpJTDAvZUsyQ0duYnEzbitUamM4WDNIY3JWWFhnMk1GbmxjVm5LTS85VTc0QzFSY1kwb0xPeG5BcWE2VUhWQTlJR2hwTFRpUk9tMUczbUEreDRMVWZ2dTJ2TVZXV1hiUFBtTFhRd1R5SU9oRHZRcVlmMlVzRVFqNFlWWVU2dFVqSkhndFA0cmRhMUZ0S3ZIa2Z4N3NMeDZmY21xTVlHRE5mY0kwUXpHcWs5S3FpbVd4VGFvZEl6d21maURtZU93YmY0Z2JUNlJxSmJjNzZvR0pnZHNmcmozM1JHcEU5Wm8wMUxkdjhnPXw&cppv=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a84d5b8b9f8d086573bb070e1f90ea3ec1047dbb13904975b92af15008a28b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2866
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:51 GMT
location
https://mug.criteo.com/sid?cpp=orhQenxVbjFSRHpJTDAvZUsyQ0duYnEzbitUamM4WDNIY3JWWFhnMk1GbmxjVm5LTS85VTc0QzFSY1kwb0xPeG5BcWE2VUhWQTlJR2hwTFRpUk9tMUczbUEreDRMVWZ2dTJ2TVZXV1hiUFBtTFhRd1R5SU9oRHZRcVlmMlVzRVFqNFlWWVU2dFVqSkhndFA0cmRhMUZ0S3ZIa2Z4N3NMeDZmY21xTVlHRE5mY0kwUXpHcWs5S3FpbVd4VGFvZEl6d21maURtZU93YmY0Z2JUNlJxSmJjNzZvR0pnZHNmcmozM1JHcEU5Wm8wMUxkdjhnPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1731
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame 1D0C 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
70ac3af9751a2113e50b2b5bd7cb1658eebf3f98d6f16b07969ece1c18eed8cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anhdep24.com
Date
Sat, 19 Mar 2022 12:45:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 1D0C 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a75279726f7fdbc346a1e365d7c61f02547301df903c80e15d639682bdd54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27857
x-xss-protection
0
server
sffe
etag
"1162 / 732 of 1000 / last-modified: 1647641112"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:52 GMT
usync.html
eus.rubiconproject.com/ Frame A168
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://anhdep24.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1586
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame D6DC 		483 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1814
content-type
application/javascript
x-amz-request-id
tx0d309849e7dd4b7e9123a-006230a0ad
x-amz-id-2
tx0d309849e7dd4b7e9123a-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3TjVo8hEbI2vloAS9yoNo%2Fq4HzDHAmQNfQyh2fQXeLU5jS8CBJ0192g6i%2BAs03phC4rIR9%2BZQgHKaPpJYpfCKcs%2F6%2BsUwy4A5sUpsuOAqMbRuaBVW9JMkoyqet6ZEPNux%2FtvkjVTsTHM1oP"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647354020753810
cache-control
public, max-age=1800
cf-ray
6ee64ec2eef15a2b-MXP
expires
Sat, 19 Mar 2022 13:15:52 GMT
sid
mug.criteo.com/ Frame D6DC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fanhdep24.com%2F&domain=anhdep24.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IV8Pa3xIMm8yQ2lZMk93RzhHQlQ1bWxacWV1V2VGV3l1czNQSzdmMGwyeFZYRHI1czN2bkFrRWdhMGx1U2I1Z3dYYlU1VUpFMWhNVk4yZDBRdVoyQmIwZms3dDZoS3pxYll0MVhycXlWK3p2cWxQNlNVSXVaTFhWNkhjQU...
345 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IV8Pa3xIMm8yQ2lZMk93RzhHQlQ1bWxacWV1V2VGV3l1czNQSzdmMGwyeFZYRHI1czN2bkFrRWdhMGx1U2I1Z3dYYlU1VUpFMWhNVk4yZDBRdVoyQmIwZms3dDZoS3pxYll0MVhycXlWK3p2cWxQNlNVSXVaTFhWNkhjQUpHRHZpODBFbDVrSStrcG9Dbm91L1ppc1NUU3QweEdTUi9xT3l6UCtFN3RnOHovS1FmYjgyays2dFNzeWxhYmxGa0dhSklTLzZzVHJGYmhldVIzMHJxQ2pCRnExcWYxYVlxZUsrVzE5NW9lNEpaeHVwRk9RPXw&cppv=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d07041abbcda71d98e6a46d5861635e1e523acefa9b9c074816b53d5ea7f0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2813
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
location
https://mug.criteo.com/sid?cpp=IV8Pa3xIMm8yQ2lZMk93RzhHQlQ1bWxacWV1V2VGV3l1czNQSzdmMGwyeFZYRHI1czN2bkFrRWdhMGx1U2I1Z3dYYlU1VUpFMWhNVk4yZDBRdVoyQmIwZms3dDZoS3pxYll0MVhycXlWK3p2cWxQNlNVSXVaTFhWNkhjQUpHRHZpODBFbDVrSStrcG9Dbm91L1ppc1NUU3QweEdTUi9xT3l6UCtFN3RnOHovS1FmYjgyays2dFNzeWxhYmxGa0dhSklTLzZzVHJGYmhldVIzMHJxQ2pCRnExcWYxYVlxZUsrVzE5NW9lNEpaeHVwRk9RPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1923
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame D6DC 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
5a38a226eb4978a6bf242234fece06a44c212501359013a6e593c3c8ac7c5cab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anhdep24.com
Date
Sat, 19 Mar 2022 12:45:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame D6DC 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0720b994508a4b42921948e4cfb5df3df04bd62334f240274ff15e37624a640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27857
x-xss-protection
0
server
sffe
etag
"1162 / 70 of 1000 / last-modified: 1647641058"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Mar 2022 12:45:53 GMT
usync.html
eus.rubiconproject.com/ Frame B56C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
cookie_sync
prebid-stag.setupad.net/ Frame 32CB 		1 KB
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n00R6ha3Pch6yyUSf0Bwj3kTPi7iQF4mBWCyW47iHlreyth8bMpyiP0Wr1lJzFpVbaft8tBlcN7FOTDfbh62sbMUK1P0EG66gu0izxG7OQOj4EnuGvtsI1PrbeTX11U%2FGwMjxKqnTinAk5FLn628E8%2FZMSYL"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42ef93760-MXP
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 32CB 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8423e9f0c907cf77ef87a7eddbcff41a16a7a1fd6a7d20f8c24c01c54b525a10

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quckwhop1%2BR8dxUlOEsZHosCtT%2FIZJawCrldUe8A3%2FkiL8YRlT0NHvW%2Fu436Ue21kjk6kaFoBFigcPOJdW1%2F2NWvloU56b6hoVHywXszjpT6UgMih1Y8HfbGFyDqoUo1u7crVQqum3%2BgZYznyy6DXAhWfrjH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42efc3760-MXP
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 32CB 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
300e20fcfc96ee9f49d76cafbe17bdb9db8cdc5102004d9b827da584479b694a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ef40892b-dce5-4145-b56c-079a4c291126
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 32CB 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ Frame 32CB 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 32CB 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1905014&size_id=2&alt_size_ids=1&rp_schain=1.0,1!setupad.com,1209,1,,,&rf=https%3A%2F%2Fanhdep24.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=65fa3577-d040-4ac2-a183-61ce9bac679f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.860195374070643
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a9da92c6720285f93b2e9cea1d24b2ca7fa8f661b88ca25fd934ddb952b6cfd6

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2330
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 32CB 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=70467728500
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://anhdep24.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 32CB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3a2cb8bf98bd47f935e610ebd4dc0e6253196f6129d8bf466a5f5176f25c3a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
setupad-d.openx.net/w/1.0/ Frame 32CB 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanhdep24.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=65fa3577-d040-4ac2-a183-61ce9bac679f&nocache=1647693952600&pubcid=027f5f8d-0bb8-41b7-a73b-4ecc496af89e&schain=1.0%2C1!setupad.com%2C1209%2C1%2C%2C%2C&aus=728x90%2C468x60&divids=div-custom-ad-1647693951992-0&aucs=&auid=556883144
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
a6dd5890bd6d1448cbb4b08f5799ab7ade6a0057431400e539bf33e729422476

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anhdep24.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ Frame 32CB 		99 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6b8950a978832112ba7c3fe968f49763956353cc0b74d9cfabe50f64d458bd

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ee64ec42b4d0219-ZRH
pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
/
hb.emxdgt.com/ Frame 32CB 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647693952603&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/ Frame 32CB 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
73
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
cookie_sync
prebid-stag.setupad.net/ Frame A103 		1 KB
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPJKaIpzFGM3YTlJ%2B0HmE98iCZJ0MiSZ%2FHMm8bbumExMuywbiH04h7yrDgwvQfZIqmv8SnpAglw%2BKU3sjJPEHs4xXeWks1dZfwebKj2crBy2GiiiumssKjLgdlorgfotg%2F0Hs7sLR9uuxoasl4iyMHy3Lzv%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42eff3760-MXP
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame A103 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d4592ab5d7c188cc38658e55c532f0d58d0748dceffad4bac68a59df368d95e

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR297bFXYmbKTCBNqGOMw0z2no1L2c%2FSohST5AAywAtKGWh3xLD6cfh7dntDRGKnTjJOk%2FKY7MGhj%2BVZzevObrb0xJa6VZfoCmGZfpqb9O0rhNNR5m%2Favj3H32VqPo8o4n4nBleIj%2FVnnbPN%2FOWhXlcQNsTc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42f003760-MXP
expires
0
c
prebid.a-mo.net/a/ Frame A103 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
arj
setupad-d.openx.net/w/1.0/ Frame A103 		73 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanhdep24.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=49f7c75c-7879-4f83-8f5e-95879817bcd8&nocache=1647693952610&pubcid=027f5f8d-0bb8-41b7-a73b-4ecc496af89e&schain=1.0%2C1!setupad.com%2C1209%2C1%2C%2C%2C&aus=300x600%2C160x600%2C300x250%2C300x300&divids=div-custom-ad-1647693951995-0&aucs=&auid=556883146
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
adc064b9dc189ee1d9e2bcc170cabc602a3ed93a661b74d5cd986a946ecb5f0b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anhdep24.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame A103 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=88593654655
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://anhdep24.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame A103 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53361e848ad07e8adc2a117fd1dfe008402012fd03acda5615edcfcb65075ad2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Mar 2022 12:45:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ba83d24a-fc75-400c-bdda-d298df7898df
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A103 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
hb.emxdgt.com/ Frame A103 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647693952612&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
mp.4dex.io/ Frame A103 		99 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c95c4879a2ac68eccbb3534a6c6a4397ff9552974a7899029d7557a3d5b6e8c

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ee64ec42b4e0219-ZRH
pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
openrtb
adx.adform.net/adx/ Frame A103 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5b030c1c97a6302907d9f151272be4d5372e2a1b9140161487559015399316cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame A103 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A103 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1904018&size_id=15&alt_size_ids=9%2C10%2C48&rp_schain=1.0,1!setupad.com,1209,1,,,&rf=https%3A%2F%2Fanhdep24.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=49f7c75c-7879-4f83-8f5e-95879817bcd8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5340249277555518
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b9be91d21667f581da21de88d61d2a8efef661c00fa7745ada3c8b5af67f0b02

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2356
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
cookie_sync
prebid-stag.setupad.net/ Frame 42C6 		1 KB
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kta81QfBw6iuG7kY1P%2BY0vhDDA26zANHYuO14yBKl7EkzRu11Wz3kTq8B0XloRu3Kwa6gRW1y3%2FTkHQpwV2Np5faT1Qr05cz%2FVd%2FXqO87yfEF22S4PtojATG37OlnuhmbWV8lV927Q8XNwzlO1UM67b2QOyw"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42f023760-MXP
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 42C6 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e7683d68ff7e6c0761e732233d7be83714e605d1321fd02dc76ac6410f741

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDYn39ojxiXhrZv1DHAknkr8v%2FHDJHuPYCGxsUXytbDvYvHT61EmHlN3oG6Qy5RXk04XP9F16wMDLX8fvkQMDyV80MOBnnsCDXgi%2BO26arUPq1iKXQDLgRJFxDqV%2Bo8uBbQhzq8qOux2Fu3OXE%2F6%2BRR67yPl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42f093760-MXP
expires
0
arj
setupad-d.openx.net/w/1.0/ Frame 42C6 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanhdep24.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=929211eb-c64b-4222-921e-395871094e60&nocache=1647693952619&pubcid=027f5f8d-0bb8-41b7-a73b-4ecc496af89e&schain=1.0%2C1!setupad.com%2C1209%2C1%2C%2C%2C&aus=728x90%2C468x60&divids=div-custom-ad-1647693951989-0&aucs=&auid=556883144
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
0f245cec163612be445ec18d594791e40d7b97494f98e5380644fa107127e1c8

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anhdep24.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 42C6 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1905014&size_id=2&alt_size_ids=1&rp_schain=1.0,1!setupad.com,1209,1,,,&rf=https%3A%2F%2Fanhdep24.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=929211eb-c64b-4222-921e-395871094e60&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8800925124765664
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce2ed8c9266ffa47298f0688b0ed734b7126ad1ddfbd44912fbcc2ccabf790a7

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1768
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 42C6 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
hb.emxdgt.com/ Frame 42C6 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647693952620&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/ Frame 42C6 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
60
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 42C6 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
299338aca015187490226231730cd8c843910cda7489f5e0f210ea3f3a34f1a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7d6fff05-c352-4795-ac00-187feb1231eb
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame 42C6 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
mp.4dex.io/ Frame 42C6 		99 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143dc2ef8b95b614e4805d2aabec417ed02034b6264f1da43ac7f2151a4af507

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ee64ec42b500219-ZRH
pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
openrtb
adx.adform.net/adx/ Frame 42C6 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 42C6 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=45159434654
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://anhdep24.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cookie_sync
prebid-stag.setupad.net/ Frame 1D0C 		1 KB
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HWhRwVfAm4F8WK7XU0EHFtI5wj0WmAophRiUgy%2BcBjz9dVey57Ar6bK8l29eJVKoGyPbCWCgguK21hMtpECumCAJoFpSCAsnxef7lGlBUWmgRSc4fk1K9SljbIEurSqfX7Yunamibj1nga8G4N0yFy6NGUP"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42f033760-MXP
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 1D0C 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6abe3c7893ef459ce8a6954aa2b3c2ecdaf0b06f47cc45ee4f0e2a243b1fc1

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aN6nXxulztHG50bNdjt3QWnlIcEgcQ9b8ddHCGxoXrM44XDR4FjTrWQf5A8CVDC6dZ5eyKFt%2BIx8FHl2PoF237Kvv9sXs%2Fig%2F0Z1EcAIGOyKRdF1ErQtlZ9%2FwryXPm2NH2BygKR0jGI53kn7%2BZlwiAgGwER"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec42f073760-MXP
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1D0C 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame 1D0C 		99 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55beb935a57fef4e4c50d3f0964f2d9445406ee651fb127f585f9ec856e6b9c2

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ee64ec42b520219-ZRH
pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
prebid
ib.adnxs.com/ut/v3/ Frame 1D0C 		20 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
479c2277e7479c51d99a27ef94c3fb85764f88c417439e74f996af1415a05d5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8ac528c4-75c4-4e48-bcb8-141ce97fbe92
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
setupad-d.openx.net/w/1.0/ Frame 1D0C 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanhdep24.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1b4efea7-9ed3-45d2-8d59-8cfa0afc614c&nocache=1647693952652&pubcid=027f5f8d-0bb8-41b7-a73b-4ecc496af89e&schain=1.0%2C1!setupad.com%2C1209%2C1%2C%2C%2C&aus=970x90%2C728x90%2C950x90%2C900x90%2C768x90&divids=div-custom-ad-1647693952003-0&aucs=&auid=556883141
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
514f54e42e2532b79abf4f8c9a7a4bd9b0955fb2fb4cc6044a061a778392efec

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anhdep24.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 1D0C 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
201
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1D0C 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1923074&size_id=2&alt_size_ids=55&rp_schain=1.0,1!setupad.com,1209,1,,,&rf=https%3A%2F%2Fanhdep24.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=1b4efea7-9ed3-45d2-8d59-8cfa0afc614c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4996788623209203
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4160f209e2d78ac6b0df96a17249418ea0082d08c4a62b9c35e1fd9c6fd1f931

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2353
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ Frame 1D0C 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647693952654&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
adjson
ads.betweendigital.com/ Frame 1D0C 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
openrtb
adx.adform.net/adx/ Frame 1D0C 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 1D0C 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=35864570600
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Mar 2022 12:45:51 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://anhdep24.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anhdep24.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
cookie_sync
prebid-stag.setupad.net/ Frame D6DC 		1 KB
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWwSIrVJf22xizoO%2FQ8N%2FCBjUe77%2BHcHd7PoovTXRyZvlZyJlbIVPHdqB2WcozyRJLVDSLrRb5NxNCmkiGmjmeC958%2FOHQ9LxIdPIBwXCt%2FdC0%2FG2gLyFBeIWwkR3PDxYfbLX3bq%2FJn2xHLwy4%2BS76j1pUyy"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec43f443760-MXP
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame D6DC 		178 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb1fa7deec251c028907ce011a15c0d7aaac93ebfabc703aa0cf2d1369d2354

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot5%2FhgqFzLM%2FvycoTDxcwqP5w4lcw3LER89P7yab%2BZ7XxUoVeVMczJ5GAvM1c%2FIBoqaRcFz5jKBqkD9RCfEoqjbVoO4Ky7TjhX3T%2F%2BJdZd31diWidpxwVTlVyp%2FiJhwK0kRlIV1BAon4fXVJzUCTqf31%2BP1K"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee64ec43f473760-MXP
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D6DC 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
hb.emxdgt.com/ Frame D6DC 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647693952662&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
openrtb
adx.adform.net/adx/ Frame D6DC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3a96a40c0d46fdb0a4dcd5eb8c06b02cc8b53a7b95df792e6b799f983dba9bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://anhdep24.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame D6DC 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=24881901678
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Mar 2022 12:45:49 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://anhdep24.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ Frame D6DC 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
arj
setupad-d.openx.net/w/1.0/ Frame D6DC 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanhdep24.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fadab1c8-7630-44c6-ae64-a464dbeb5af3&nocache=1647693952665&pubcid=027f5f8d-0bb8-41b7-a73b-4ecc496af89e&schain=1.0%2C1!setupad.com%2C1209%2C1%2C%2C%2C&aus=728x90%2C468x60&divids=div-custom-ad-1647693951991-0&aucs=&auid=556883144
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e969824490eea74dc11def01e7970f60bbe07b1f125be1c42911b01be82b7253

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anhdep24.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ Frame D6DC 		99 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8c20be7b4c887b2363c5082070387c8131765c75536c6b0c90f1ef01735c99

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6ee64ec43b660219-ZRH
pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anhdep24.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
prebid
ib.adnxs.com/ut/v3/ Frame D6DC 		20 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ca3db6c2624c8cdcff87fffe7f8d131e591930fff39024dbbdf89bd68d83d9a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
74d3ea02-5f5a-40d5-b95d-29e71f3e064b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D6DC 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1905014&size_id=2&alt_size_ids=1&rp_schain=1.0,1!setupad.com,1209,1,,,&rf=https%3A%2F%2Fanhdep24.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=fadab1c8-7630-44c6-ae64-a464dbeb5af3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0034169487057649217
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9289d101a4e9126dc111d703f6752ad1d6dd0a1b3dd1afc8242be349f67d5564

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anhdep24.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2296
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame D6DC 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
usync.js
eus.rubiconproject.com/ Frame 0CDA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.js
eus.rubiconproject.com/ Frame 27C2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.js
eus.rubiconproject.com/ Frame 97CA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.js
eus.rubiconproject.com/ Frame A168 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.js
eus.rubiconproject.com/ Frame B56C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y9OjI3xJOWF2R2FCK2FSMDNKSVFxNTFGTFE0emVUVDdTNmlMS0pYaFVNNnhhMlp4T0p5ZzRlRmNLeEFZd2hFOVVRb2ZKbTB6dXZMdEh5WmU1RmdGRmJEb0UxZjNGL2xjMDRIck1zMkxxVUcwN2dsRmFvM2RMRU5aeGtuVHdvaFV4MS9RWnh3b05kTy9yRGtrQnRGYUprVC9pKzA4alNPVGZUUmZHVjJvOHM3UE4yclRBN3U4cDVmYW5WK2w2WllkZFZhblo5cGoyZlZuUjJyRG9teTZiMDZkd2pjYTNPdG1rMXhscHNZS2trTGs2empVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1098
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pQTW5XxaVkJEdTgvQVNUcDZ6VHVPenc5WG12VER2bnRvTEt1L2d4YWFIbkRGcERRMXlhZXBURWFNeW96bDQ2N0VQMmhDbFFPUHVOK05JNEtIRGd6UjdybEZtZlJBblRUZUZOYjB3VmNJUnFkZUNRM3ZUWXpXeU1UYmcwOW5hNG9CbmpqUnVNRExJSWpxdVVHWEVTb3N0ZzRPdEsyYTRJckovSC9xOG9ob0huSEpPcEM3S1RmTk5JeC9kdyt1QTd6UlVMSDJuUzdMU25Ld2JFeHZSamx2NFBHY1JIdEJBNE1sbjg1RTIvWDE5bkZabWljPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1177
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lZrHknw3NXBKbWZuaE93b1lpYTdUa0tIRWV4K05IYlljMVo5KzhnT21CbG81WFhkTTlXU0o3U01FSFhGMUZEa29DSXFOa3J0aEZJQ09udXZna1RFMjFqaytxZmxLK3R3RlBGZTZRcHFYNmVGQVZ2VjNpKytBcHdTZ0xGNkpyYWlOWDVaNVF4RUNyWWU4a0t0QmwvNTRBaGlqZC80eFcrWUpJaXlhaHUxWWtvV3NmV1RVQnhIYXp3djJFeXg1L0FoZEUzWVhkcDFnZnEyOGw0TlIxWnltT012RXFoZ01PMUFSY0ZvTGtzSEZqcHY1UU9vPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1126
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adagio.js
script.4dex.io/ Frame A103 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339845
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8f60ddda935f461d98413-006230a0ae
x-amz-id-2
tx8f60ddda935f461d98413-006230a0ae
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFtFpli9kcZbRTesUJs7v0Z0TZZTyHxB50rXnZPWKgSR4mGUvczkxLtzygAmUa8Z1YobazoLRM%2BrEyMFIoVLbtrLlk0x1fYye8MAXKSyymqa%2B7LL6RIk2zOUapL%2FsgGSnGqRDHeOGZne4zjf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ee64ec50d293744-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 42C6 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339845
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8f60ddda935f461d98413-006230a0ae
x-amz-id-2
tx8f60ddda935f461d98413-006230a0ae
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLS9Sw8j4a129zj1dfZUFuCuHDz5EOOHQClEOWzExkI%2B%2Fha29Qq%2FoTPYMGFA%2FtFlSHdD7Mips5Jip2w5DpNwk5RbngLmFJE07cNJS2%2BaQqyi4PheerUwvCRaTpT7TbyyRezghod7DjUi48bR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ee64ec50d2d3744-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 32CB 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339845
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8f60ddda935f461d98413-006230a0ae
x-amz-id-2
tx8f60ddda935f461d98413-006230a0ae
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7hxUShQ4JRSRaufPzdZZR603dbgpb9Bi7do5J8TX9X4yoXpv%2FdqEr0u%2FmKP99TRBkCzxrDnJ6NMrqDUqo61dubY3p8fTmBlH2R1IFANJKRsYEzLhAPz1sOv44PqtY8Uyl5f0TyIttoR4xUV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ee64ec50d333744-MXP
access-control-allow-headers
Authorization
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=orhQenxVbjFSRHpJTDAvZUsyQ0duYnEzbitUamM4WDNIY3JWWFhnMk1GbmxjVm5LTS85VTc0QzFSY1kwb0xPeG5BcWE2VUhWQTlJR2hwTFRpUk9tMUczbUEreDRMVWZ2dTJ2TVZXV1hiUFBtTFhRd1R5SU9oRHZRcVlmMlVzRVFqNFlWWVU2dFVqSkhndFA0cmRhMUZ0S3ZIa2Z4N3NMeDZmY21xTVlHRE5mY0kwUXpHcWs5S3FpbVd4VGFvZEl6d21maURtZU93YmY0Z2JUNlJxSmJjNzZvR0pnZHNmcmozM1JHcEU5Wm8wMUxkdjhnPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1269
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IV8Pa3xIMm8yQ2lZMk93RzhHQlQ1bWxacWV1V2VGV3l1czNQSzdmMGwyeFZYRHI1czN2bkFrRWdhMGx1U2I1Z3dYYlU1VUpFMWhNVk4yZDBRdVoyQmIwZms3dDZoS3pxYll0MVhycXlWK3p2cWxQNlNVSXVaTFhWNkhjQUpHRHZpODBFbDVrSStrcG9Dbm91L1ppc1NUU3QweEdTUi9xT3l6UCtFN3RnOHovS1FmYjgyays2dFNzeWxhYmxGa0dhSklTLzZzVHJGYmhldVIzMHJxQ2pCRnExcWYxYVlxZUsrVzE5NW9lNEpaeHVwRk9RPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1125
date
Sat, 19 Mar 2022 12:45:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adagio.js
script.4dex.io/ Frame 1D0C 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339845
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8f60ddda935f461d98413-006230a0ae
x-amz-id-2
tx8f60ddda935f461d98413-006230a0ae
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGurHs1OveLJG4A9hVbbFUNaTqet9Z4aMbSrO2H17AoZ3CL7EeObDxPLlQqhrCxihzJo7ZmhMpWlTMeZEgERBEG6cb%2BwhaTpM8lndJCXkHsK0ZCBg62V9REhIjplJk7HT60vjITntmBgQDok"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ee64ec50d2f3744-MXP
access-control-allow-headers
Authorization
sync.php
pixel.rubiconproject.com/ Frame 1D0C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
adagio.js
script.4dex.io/ Frame D6DC 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339845
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8f60ddda935f461d98413-006230a0ae
x-amz-id-2
tx8f60ddda935f461d98413-006230a0ae
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5bzzcEFduHCeOH%2Fzc2Z4ceatw8JoVNYP77k%2FmCjSxyjONKI5SeHSfCqdymxKxqApxProkL8uNILizEEMfgfhkW%2FVxH4jF068ubEiMe%2FM9lTldBLQVlEww3DrQbr3x3DRBq6UsSmNK6M%2FJRd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ee64ec50d363744-MXP
access-control-allow-headers
Authorization
sync.php
pixel.rubiconproject.com/ Frame A103 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/ Frame D6DC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/ Frame 32CB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
/
anhdep24.com/sbbi/ Frame 3EFD 		516 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce&sbbgs=h43d0978e952a7df2037d1667581d893d264&ddl=2
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Upgrade-Insecure-Requests
1
Origin
https://anhdep24.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce&sbbgs=h43d0978e952a7df2037d1667581d893d264&ddl=2

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1647693952.cds261.fr8.hn,1647693952.cds217.fr8.sc,1647693952.cdn2-redis02-fra1.stackpath.systems.-.i,1647693952.cds217.fr8.p
access-control-allow-origin
*
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 27C2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad&khaos=L0XUFQNK-E-BXVC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ Frame 32CB 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 11:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 11:51:45 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame A103 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 12:37:50 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 42C6 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 12:37:50 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 1D0C 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 12:35:40 GMT
sync.php
pixel.rubiconproject.com/ Frame 42C6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
cookie
cm.adform.net/ Frame D6DC 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
cm.adform.net/ Frame 1D0C 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
cm.adform.net/ Frame A103 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
cm.adform.net/ Frame 32CB 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
cm.adform.net/ Frame 42C6 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
server
nginx
content-length
43
content-type
image/gif
/
anhdep24.com/sbbi/ Frame 3EFD 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
5ccb0f3e5aa0b313d991508273a8c01a294ecd07952b0da9e6fa7850883bf6c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/sbbi/?sbbpg=sbbShell&gprid=ce&sbbgs=h43d0978e952a7df2037d1667581d893d264&ddl=2

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1647693952.cds261.fr8.hn,1647693952.cds244.fr8.sc,1647693952.cdn2-wafbe03-fra1.stackpath.systems.-.i,1647693952.cds244.fr8.p
access-control-allow-origin
*
v1
ads.yahoo.com/cms/ Frame 27C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0XUFQOX-D-8HHD&sigv=1&esig=2~729293847b9babfdf428df75f36f3d3da97564dd
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0XUFQOX-D-8HHD&sigv=1&esig=2~729293847b9babfdf428df75f36f3d3da97564dd
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0XUFQOX-D-8HHD&sigv=1&esig=2~729293847b9babfdf428df75f36f3d3da97564dd
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 27C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0XUFQOX-D-8HHD
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0XUFQOX-D-8HHD
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CFE204A2B3D149CC8EDFD8D169DB1C28 Ref B: FRAEDGE1116 Ref C: 2022-03-19T12:45:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXakaTFNLrkAS3cJ6kdMA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0XUFQOX-D-8HHD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 27C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBYVUZRT1gtRC04SEhE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBYVUZRT1gtRC04SEhE
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBYVUZRT1gtRC04SEhE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 27C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABVwS8xp_2b0XUJ75caoes&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABVwS8xp_2b0XUJ75caoes&google_cver=1
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABVwS8xp_2b0XUJ75caoes&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTJjNmIzNDRjNDMxMmMwYzYzNzk0NDVjMmY4OWJlOGExNjRjZjhhMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTJjNmIzNDRjNDMxMmMwYzYzNzk0NDVjMmY4OWJlOGExNjRjZjhhMg
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTJjNmIzNDRjNDMxMmMwYzYzNzk0NDVjMmY4OWJlOGExNjRjZjhhMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 27C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MZUAUwTdLRloamRtesn5og?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4101895431885435614
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4101895431885435614
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Sat, 19 Mar 2022 12:45:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4101895431885435614
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 27C2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 27C2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3Vhb0eyqSoyZ7fqNshotdw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Vhb0eyqSoyZ7fqNshotdw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Vhb0eyqSoyZ7fqNshotdw
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
409QSZ9NYB9B11E8HE3M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Vhb0eyqSoyZ7fqNshotdw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
prebid-stag.setupad.net/ Frame 1D0C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FeRBcj%2BxvJOcGKPyMSbgPpbdcIJBckNNCzi9n%2F9oaE6AZjtMXetPLZ%2FGQ7%2Beyq6f49enIqxeGX97%2FSHMMNiki3BMh5dGQicXcb42moIMdRxboBceNo2JWh2EV4RVT5X13LnjXRp1wKBU4hM6E0ZO8afk8jH"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ee64ec62bfa3760-MXP
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c23865dd-72f1-45e0-bf7f-cd4852c69792
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-stag.setupad.net/ Frame 42C6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqZShdh7N5Wtsb3zjQEgu4xyyWsUrwA99Kv7ndAbwt9IY7E6g1iNL4au9qfDzg5pmuroo1c5znauRhHSjAhPh49jU%2BQ0TtspMP4SD8qS0d03fIkFxTKG5Zv2U%2FzMc7FE8hiUvbL7fg4nNIDr5P6j42ys2Zv8"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ee64ec62bf53760-MXP
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fad6a92f-b3e4-4176-9681-c79b6eebdfca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-stag.setupad.net/ Frame 32CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eKzL4%2Fa5qqm8HkfSPe6Rk3JNR7jIDIAcYxuAnxs32o3UZ%2FXNsnVPmY%2BFqGo%2B448ZVgJqHbRtIrOHG0yycgMr61sDpSnmikO3F4JrkVbe%2Ffg6Fn7re6HGOvOlZbqdMAkDyyXiGHrejUvLCfyI441gmG2dexI"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ee64ec64c543760-MXP
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4c1f64bd-16f3-43e9-a3ff-5626aebb1897
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-stag.setupad.net/ Frame D6DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4hW%2FYifOirC8%2FMysNaR916ShMa1uSQJXGZxKNlvcYALsOAfcBVVJuN0Fiz7xVJiDJlNc78mpfzz9P2yqXIsnf7tXZ%2BqFzBfC44KtXcrPEX%2FYoWZZDNJgMq%2Bmf2xcO8oBh8Q51P3A3Caacgse4mrVf3Ws76e"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ee64ec66cb23760-MXP
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1299ec90-ba9f-4500-ab09-3a3d34ebca3b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-stag.setupad.net/ Frame A103
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afvmeTO3rnlLkKySatUWSzWTmQOwabv0cwsa6Q9GlZm7UfIoILp6fEntgEWYFgQMmadJbMmkpIgbf8hGGnsEF2t3ZF687EgotHG5aCovCgOIL8HMukyEHsWRObv1G2ayfIYB63HRxSbNBPBkp2DJqX%2B7DH%2BF"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ee64ec66cb63760-MXP
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:52 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bf307e72-3aeb-4183-adb4-0e4a3e11fc25
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 42C6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 42C6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 42C6 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4027972681861695&correlator=3461670125127677&wbsu=e64b8075-38c8-4824-8efb-2bf6cdb4e53f&callback=googletag.wbn1&eid=31064927%2C31060545%2C31065617%2C31065456%2C31065515&output=wbn&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_728x90_leaderboard_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=3635354079&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.14%26hb_adid%3D3182286e9caa7b2%26hb_bidder%3Drubicon&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dec465d8781167cc6%3AT%3D1647693952%3AS%3DALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig&cdm=anhdep24.com&abxe=1&dt=1647693952989&lmt=1647693952&dlt=1647693951867&idt=1069&biw=1600&bih=1200&isw=728&ish=150&adxs=800&adys=258&oid=2&ucis=masky9disjl&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=647599796&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32327
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:e64b8075-38c8-4824-8efb-2bf6cdb4e53f
/ Frame 42C6 		422 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:e64b8075-38c8-4824-8efb-2bf6cdb4e53f
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c466a2afd88dc3f296f17b3f7969994b71d2b86b746f5b6548fa3aca988a1bcc
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
integrator.js
adservice.google.de/adsid/ Frame 32CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 32CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 32CB 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914790805362464&correlator=2699321281531575&eid=31065691%2C31064019&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_728x90_leaderboard_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=3635216306&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_adid%3D33a017089161b76%26hb_size%3D728x90%26hb_pb%3D0.34%26hb_bidder%3DadformS2S&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dec465d8781167cc6%3AT%3D1647693952%3AS%3DALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig&cdm=anhdep24.com&abxe=1&dt=1647693953008&lmt=1647693953&dlt=1647693951881&idt=1014&biw=1600&bih=1200&isw=728&ish=150&adxs=800&adys=541&oid=2&ucis=dtm6eizfxx3n&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=789931785&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
68cb5ab5bb9364c21c246864bf64a4aba0cb7355a1e75629e591c5cf9339e2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9329
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B1B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid
rtb.openx.net/sync/ Frame 1D0C 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ch3ehp7ub3mmkr4o92a7jvchrl1kfvfp
prebid
rtb.openx.net/sync/ Frame 42C6 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0ettfj2s2e0s1bf6sh5r4h2277sjgqa3
prebid
rtb.openx.net/sync/ Frame 32CB 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
egaonhq5qqg1hgogrfvng56ds8eolvvk
um
cs.emxdgt.com/ Frame A214 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
date
Sat, 19 Mar 2022 12:45:52 GMT
content-length
0
prebid
rtb.openx.net/sync/ Frame D6DC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
eblefae1favpvjsiqk8n2fp6jrf6d5vi
um
cs.emxdgt.com/ Frame E1EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
date
Sat, 19 Mar 2022 12:45:52 GMT
content-length
0
prebid
rtb.openx.net/sync/ Frame A103 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lke4r7s9ib55p1ps9a0cphl7l3j3m4bn
um
cs.emxdgt.com/ Frame 7E46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
date
Sat, 19 Mar 2022 12:45:52 GMT
content-length
0
integrator.js
adservice.google.de/adsid/ Frame A103 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A103 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A103 		85 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4029909252908906&correlator=560450620426266&eid=31064905%2C31065485%2C31065007&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_300x600_sidebar_sticky_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C300x250%7C300x300&ifi=1&adks=376456517&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_adid%3D33fe02d73ff511c%26hb_size%3D300x600%26hb_pb%3D0.22%26hb_bidder%3DappnexusS2S&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dec465d8781167cc6%3AT%3D1647693952%3AS%3DALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig&cdm=anhdep24.com&abxe=1&dt=1647693953089&lmt=1647693953&dlt=1647693951892&idt=1024&biw=1600&bih=1200&isw=300&ish=150&adxs=800&adys=484&oid=2&ucis=qmu10mr7xxau&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=1036139444&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f1849387f12fbbaa2b251f0139cf98b941d86f3900f2534fbb8cf17be50d1567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14195
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 409D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
um
cs.emxdgt.com/ Frame 1A2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
date
Sat, 19 Mar 2022 12:45:52 GMT
content-length
0
um
cs.emxdgt.com/ Frame FBBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
date
Sat, 19 Mar 2022 12:45:52 GMT
content-length
0
integrator.js
adservice.google.de/adsid/ Frame 1D0C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1D0C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1D0C 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190201031641822&correlator=2003316540116676&eid=31065672&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_970x90_anchor_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C950x90%7C900x90%7C768x90&ifi=1&adks=4265767388&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_adid%3D320e66a21d00086%26hb_size%3D728x90%26hb_pb%3D0.15%26hb_bidder%3DadformS2S&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dec465d8781167cc6%3AT%3D1647693952%3AS%3DALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig&cdm=anhdep24.com&abxe=1&dt=1647693953130&lmt=1647693953&dlt=1647693951998&idt=925&biw=1600&bih=1200&isw=970&ish=150&adxs=315&adys=9709&oid=2&ucis=suxa79o31hog&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x150&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=211210523&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
addb0b6ade5d030ec29f55290b23925ff769f8cf079c28951eef670efd1a060e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12136
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 359F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 32CB 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d9ef7e03446d8bd6730508cec69915a2fc7526c92f56b71ed2c75ca7b04f683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10402
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A103 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65344d3125b262710b480bb890f4575d7740c89550e9ce3d28bd6517bcdaf754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10481
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 32CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A103 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame D6DC 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Mar 2023 12:37:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1D0C 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc6180a1a4b6af14eb6692da7ca250e03acbcf70768324e580fe808bd33ad485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10607
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43aa3c1011af28ee685c9d3f1a561c98d421be90883360570c987d2b20040d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10468
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A1D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CBE6 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
46b364d65157453c1c4c5df7655243fbc27eb51439144dad0a2edc42e7967be7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g0yGHfmI8Q6R2NWluPipnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:53 GMT
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-g0yGHfmI8Q6R2NWluPipnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame D6DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D6DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anhdep24.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D6DC 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3006563798845522&correlator=1994711905630272&eid=31065486%2C31065657&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_728x90_leaderboard_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=3635209067&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_adid%3D3129ff2270325c7%26hb_bidder%3Dadform&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dec465d8781167cc6%3AT%3D1647693952%3AS%3DALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig&cdm=anhdep24.com&abxe=1&dt=1647693953257&lmt=1647693953&dlt=1647693951875&idt=1375&biw=1600&bih=1200&isw=728&ish=150&adxs=800&adys=333&oid=2&ucis=1fz9jde5jpke&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=1266603867&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
34cf375b2e2d0d3a601a3c319960c0c773762201689d6491d259abea72cfaff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9249
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anhdep24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1D0C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DC3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FB91 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e83de86a3876092cd38226f8e5620b3ba24addf0051328dd5fff01f78207ff20
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TAWgxKGMwdKNoyyCmbLCfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:53 GMT
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TAWgxKGMwdKNoyyCmbLCfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B440 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CD3E 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f57196e60360377f5a7db692992eb16ca03f955148fc9495a327d20c423d2bd8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-chch8LyzKlt1p0Kzql/CIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:53 GMT
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-chch8LyzKlt1p0Kzql/CIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame A1D8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CBE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=2914790805362464&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame D6DC 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a06d777fea2cce715cb3abb95a8d7bb96b3723037706eb1333c95af9677207d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10592
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FB91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=4029909252908906&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 8DC3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A57 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E06C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e962316fa773e8b24c8a3d8528e93ab31b1cd12a8a4e585a7893cd685d24ae8d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sw9rXVOtrxApa8bqUJBdmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:53 GMT
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Sw9rXVOtrxApa8bqUJBdmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 510E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D6DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2103073919475594&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame B440 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
/ Frame 6334 		64 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ace2f756e5453007c548c628550d753ced2d926678279341d645cb7dd89e5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 3A57 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E06C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=4190201031641822&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6334 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqNeeQFi-bTiMWqNqbKjb6G-pRE9Gwz4OqTzANzjrmq7MQ7aZK1r3wqmvrTNdEJsFS9o52CGw5eOwcubIdL-IokI1GyKgA1G03rFvDrpmPH1CDBTw
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
t.6sc.co/ Frame 6334 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&ppgid=ec2fee4e&cb=%n
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:53 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e1b-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 6334 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:45:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6334 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 6334 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:29:49 GMT
l
www.google.com/ads/measurement/ Frame 6334 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-hmv3LbITnxeCtwoOz39TbPqWVG6EGVIeVxPmRWIqbxZWIlQWq4Bxe-ICh-eSATNjAfYHCfKUoUv4fKmxv79PvOv3Zw
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 11A7 		624 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Mar 2022 12:45:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 510E 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4ntwkGvTQa8tOCFQgPZtpbRtIdpGOMr1AXs1hA8hv8SMxXKrXLFxuUUkeWc9_9hZHy35WzSTL1zU8wVf8VRheNmiYhu-ehxZ952aDiUctvAfxPN9Ex92br21JFyPG70OkAUTcY9ZoaKkMxvGdgGe8EOi8zw&dbm_d=AKAmf-CKPmluhVWGN0w_hjJu9GhrirKxeMfjyzBvSvxdL4s1xQ-fP_MGvqFcvcdqC2hwb-976-v1LZa23ACnHUYUH84i8XpPcR2kLGSE_vSGEs2TsZGVOItLDV8gYA98ePjkFibGrQlDZF0U7Aa70y-T7tWTec8RstAaWmrgY0amshH_d0aBl6mvHMxAZiJEqiiXJzu2XOexcqI945d4rJjbYkhnC0Vb_w82UJ19fdqEuLOxTJHfGffPez-vtFCy5DFEYy1Q2mPluSXmryWpxHhNy0DP6uyvHnF7Reu1Qe-HxznlOeGhrkeNWeXGPEOFCoJQ87KVTGD7WFL_cLF0mizqYVHbN33dULSnAMiobxlmTuY6whKRkfjVdpRTfjQr99d3aQzKdAiXNxIuqYslbjHbjYXZR5aCGgj-6szVeUHBu0CODAKe0cNxWGUouJng_AbgOgRi9Z-B3zcN6Vmxh46uewn9t3BMHKeoh_VOkTrmDWSkkhvTkQlE5zfpzNam1Go8_1wzUsUcaSv0GAb7mPxjqh_tJsGdYqSGfSR941TKiQrms73DTKBtBAbcF14k0lv0-eHqu0SurF3H6HhEvwZPaY8qUVCVFVKw75Xd-FunE4_32Mv8d2DgiXwZwrLAhSMYDu52rAOdU1sdipyPdIPpWzSuUDdO-MDpclhBWkrcj7mBzgi13j00T7KiKJA8-Df7YMHVB5vupUbB_xpA0JL78Nh45An9e-HZSR88f0QXZ8XvzS4nJwyaG99tlk30oL9ArrVigqJ8PbJ4Qv0yaGy0nHLTsSnAe-besIcBOQAW7dKIOxKQel64rBhTo2nbnPpyfjysbGY7LwjOfGRXHs_9X6ljlcF3Z4AWAx_vf8366qqY-BklviD_uGPtpz46ygRksId0xiIqrp0T7SGMSRjuGsTWxqGyKhJpOAYkF4T4qxhQLB14hKv4iZeKS2gz7iG3FintKm6cg_JElqq6NPlqcL91-m09GuN_XvpK0K3drQJ0ZkA-M4txtid9QFHQNFQ4q5mvoa1YDeXXfazBd1ujho35OjSRCOfnC0oaZ9zI7jLEFrEkVKf_GnWezRQa6g3-F3RmPO1nvMKVfF69LH0HUk3BDFz_hOXgSVf2JrywHXGDqyQEc-y4RkpqgksSggEB7w_jrgNb2Y3MYKkKTq9VeTBcIVgFD7JeCL9Azu6pAIb9B2ATzADbNDIoQvTfrOeVnGEuejYmQMHmqI5Dwl3veGJ-lF6pB-mO2-Z69WgD7nyd1iBKjMaaELYHJRR574-rexwJgTLM6JZwvGyJ9zK8lpAxgkaQlIzJNP2Fkhp8KCVBKR7_4ghXVw-CdRTplikZRc9wypN0sewWMJ7Pusx8DJckuEQ8YRqdya_uy0q6n6qp9PAYa7UsmQ77AydhSKaYzxOI81cTL6eArrMhUxerUdHRxIga00ngIfRkWJe9bs9U3-3SuHI7-ENP75Xebw3I5U8NemB0v1-vMW1XqsLZnw2YNVw20FhTD5PWcOGUZ6u_3BBFAKTWoAt6YFRwcT7e-q2vfChftYXQ_Vlej18bLjiYNn_9suAiY5jNUtjWF_Kr68lj8UfvRMh_vX9KuM5K_egtEQCUrzdItAMVwglFsYcTseKzX1-OY8ycdxkh3yOOMLRtyiaz9kpZqZl-Mvx6YuXEE5u3pU6j33iRj0UqQEbvcsT8zrkFW3r0WnvuSza2q1VygO5C7gh8JrafMpsurrdT8YvAcEdKhaGkPAfeb0uhO4k3-42nyMn-GzHloufvHj5z9ZjU9GTSwuSTRFCEUCWq1GYYKWN1_Hi5gTFD_Vd-4c3rmlLZPANOSPNeJoEKYZXdboiBrSqjXXD-SzwZBveEOUxRNR7b4Beg30oYwpyBnCMN7dlQ8ZkKKcURFVAuoMYCcjqt7lfY0FLFby24AsSokyI_bnXPOtXXzzC7da6ZSWwOjXQwXnZXk7ZF3Kw16u2HZ8Y2UGG741QoPFjE7N_gy5j1Obx4cQC9pqG-PiKGuDihudmQxZfTD0Ej_zXJ8zOmqpywVgxDHSGE5Ik6vTuph9Ga5nz-cgUWZZS9H0XrDFTUK9kaUvNtAwR-GCcIp4jRyce1V2sqCyiaOem-yWSVjO-6c741l8F4MRoXNkb0GR-LvFmhU823JqSJOOtJT-NFCkZtMg9yRj4kAk575JNKwPOShZgXJIJAoGdFwa0H-d3r_GMXTq6nstRvMQXIFXUi4-biU8IK2Xl_elDmpwgU78cs83KxfGKa_3VDvRXRY63950GhLVMCblLdGfArV9m0tP5-OYSqYvd8gGVaOqZZ-thzOjo1XlOqK9rDup43dw8XukDrxmYtjgcEx2idIEewj7EIVm5uGdlcDwCWcnAt2odPfM4BW5apM8xkghm5vOb_x99bU0dvYV5Ejv5FQKQQHXF518XcDp7XuOtMpqhFt-CVpk5xlhM226ZH-xp6ndnDyWHIcAnPBC9SpxGIU0S28FG-UIXvUZKMtBerhGi9pgG85QicAjdmEkbzZ9Wp-MTZ-lAIUtQizuQIxs7IcTFZifaWp_2NhuT9snIqsfIipXzNdKbbofWK13HedLHMZbuBnx_Qanf3iXIexxMW_8nc9NJF-CRs-ovAsXaXkjdpIdSIqq2YXW-srktK1_1-XMCAsKBtb-K8hpQ2N9AaspdZEJC1xjIQ8T08r9smDicKCTta_AJtmqn1JrhipyY1ZTNkTf2XjHNYQjVM5X1whZqlhJW-EdedvboXiWd_aIaKgoC7MAH666WU00qMiTT_Qe1LQgmlYh7WBW85L-LlR-h18FHvjgK-48Ynea0u84PBSfEZ2jstox4YQ0oU2ZjkqW0M7IW8ehyBdgVaZJ1-9kd2bxQEvCCRU99KESye0bZFb1vhvv-FAxs5x4jFKVinevQZ1DAEe0AwzMCO901AjJDTBArJL_uMYzhOf8_-j6bm66siecZmxmI2ft_pDWbISbn7Dlpv1ylLVgN1lUY4CH1n8sN0hyMacdod0ZKGjyp4tWZSjwZwt1UUPm10IeuoK_tHUQgOe56vlZhCVYt2B9k3G7N6RK27R_aCG-ZydYaa8AiPgQf3t4pjXPZljpXoY0bE8s1qqhUx7MwsXT8LAK9_AI51e33qNE9MDKTKtLXdl6HUSy1BDJKKl0qMhfgZhSVwGAgZeOrT99MraMeGfdWOMAk&cid=CAASJeRo6Q8hLiP2BZPAyVkcgH8yndV6cZ6XszSJYB8OnqeP0K3qBKU&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f626455ea4bed8b6056468fa85f36c8141e5e1c2cd7b11a456421f0d26088fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32611
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 510E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CY09JDh7wTP_LGMWPSduJcHr0JuM32pQvJbGeSpRbEDOx7CXRyBthekmyMeyqmRBwRz8kISmMYwBv07onnZrx0SF6x3QwI4HlvHLA4snlpYSGN_Ug
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 510E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:45:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 510E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 510E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:29:49 GMT
l
www.google.com/ads/measurement/ Frame 510E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWRIwsU44fOVKqXWzenjTk8gkt09ZILC-NkrczxsJiBkToQhSid2XIoJnWCLWm5cYpJSv-x1aFDVZKtOI2bpNiqcbpRg
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0055 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AE19 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6c0fd41dd5aec03b6d1bb844c1b711af780565a272eca8acf0885ee4af3f4073
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D6Db0Ii/KM9lGkT3A96Hvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:53 GMT
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-D6Db0Ii/KM9lGkT3A96Hvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3790 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Mar 2022 12:45:53 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 6334 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:44:29 GMT
16958331773998436710
s0.2mdn.net/simgad/ Frame 6334 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16958331773998436710
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67bb3dcbbd1439c46f8c904eaa3e16ab9f75b7b3d82829cad4a878b027bf67fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:29:51 GMT
x-content-type-options
nosniff
age
105362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1436947
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 18:24:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 07:29:51 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 6334 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:35:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6334 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq01nOFr97BDE-moaj8THIMDXflYSXRl_iTdvN7xlWFADFhUXM7cYv4r5asz7ygcKVHgfWoYrSK86JvqkffJmU4K0mZGRP3RbfkXA5jw71iQ_tshj-vDeoX1gbHeu5YYQlDZJSxvu8whqUv7XTZ7fiUg73ijWHvA9hhNojeCAse8n9d6rZnWWqFrAoOdAbIJvJDYo_mHP8jKJ-omnjaOTUiWkKFQMr62yXmY7-NHgHkA1xG8uFEf8mSqEnkReujonuoChi7FhGQT9yLZTUwzrAn1122kgK_qbxDpPwAywgQ5nq9CHlRkAlsa5vfCB8z3V_fjh3Onb16ZdY1zaOEqxGb7ivrTd5AdZstMx9V81zxplk-MdH5lNNwcV4SW2BcGAdZWoyjH5MsRpu9N99au-QJEnnDwVsISYUJ3HpFJXHyWRjVbFZc8gMIpZ_mazmZW56ZuB0PzQL-c2-W9ATWNIUkY4_WScKyGlZ1itaCzJET97zBDyW0EH8lRBNbK3ABfUbjkTVJZzixmE0EilviAwDO_aBZNitSftYhoYp4mEHB1sKTklr5WaWAqE5adH0vgxJuyeMdoCSltDhREEbLxzXuKJGT5zVnil_u5Fsu9sE_m7fqKeZkvYKvYSrDG8ys6oiXrdzAcpPGZFGFl3xckshQH1QEgEKcjilAcYqyrnQmRRKi5EGupfQ4EWpcLzu2yLyB4F3FrnysvIWUbxhwBbJ5MMfO1qKIteMcJqHJT112SFXdQzNxPlAQAofc9ODQGkf5tv5KadjEvw-ipGsd8S6XshAcH-zn5igxYXDEi2e7Wh_8X-ECMU3Z60jnoMjCOHW5oq85sGvJQVy6_DG3ya7OmBSW3PdyMIXBUOYtwMnJZSsMr-KfdvNNjyYw4AaMkstGnsY5i7acyzFb5gkyFWJfiO6ZAqu3meTZgh5i9gZCWNPM2n_BRJ_fnFSewyakz5DeHCaY56-bwR462UnbPfxEAWL92IyH5mc45OAvTCSQTiroPeap6vZ-y3nNy4hvfVizpJwKMJi95UNUkrozVxFlSOGMt26fGfgaqVRiLtjzcX7mUAIGwNU6vONaiCMdLaiRqIx6LrF2pIT29_4Pn5M9hBM2DuUo7IPx1KmxH0ekTwvO3Kt0PCgVa3OMkmE_a0XNRafJ8VvLGe9Ff4rRbZf9qGkLJQl7Bxr5PyrHkjOQ2KBZNQYj9eiOW-q&sai=AMfl-YQjPZW4srckEml4JpwPSWgYHjpbyVxfAwQwZQxv3d4L5p9eLpUuCB_rNJVRRhJJNkAqK446WvWYJqWcFqtPS5ZXZeFfF-AE6yA-5ImdhXUPuFANOEyEdVjxPYSgX2MTc44x-NCjYxZj7G3W8h2EVbaUa4Fso3FNFGaFmhcZtyiX2hJ_dX1NUZDq-MfCklizNfvgBqMaW9P2KVUvl5thoZtZA1NbQ86kdt-KtylCc0YmuY_c5U6RlTMDdMhgGl7god2fBM0WSFs3H2Y639JbxeDu5qSTdg2K8JIoNU7YL5zg&sig=Cg0ArKJSzL5sg1NpwYn3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220316.73967&adurl=
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Mar 2022 12:45:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6334 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 11A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Mar 2022 12:45:53 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sat, 19 Mar 2022 12:45:53 GMT
rum
dsum-sec.casalemedia.com/ Frame 11A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjXQgaa62BdQhslHslBx5gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Mar 2022 12:45:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtYhNSZJDAfUxj8ya0KcIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 11A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJPnxd3EbTj_j4cCIufYPDE&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJPnxd3EbTj_j4cCIufYPDE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9c46fbc1-62db-4ce8-ba38-e8d571ddc336
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJPnxd3EbTj_j4cCIufYPDE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzcyNzQ1MTAxOTYwMDQ3Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzcyNzQ1MTAxOTYwMDQ3Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNUHKWwy3-w6EhGYXFboI2IszufZVuG1WG1H4ofDDFgyVWKoM-tq57I5PT_xFa4Pz9P4G1qVUbwrwjFvXMoi9UcFBOIijx2WnWNYKLiBedM0bVP11DWoA2jWJp3F1Z1zYgVOI_A5LxNcyVhhqhKfmWP6H389robrDKRJFH2L4wtmydI1UKShfzKT4C0bhrG0v62X255MhHlex356ZEZMsW0VDoEARg
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fe439d7c-0252-4c29-bf53-a434743a541d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzcyNzQ1MTAxOTYwMDQ3Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3790
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHKiL7qTbHhkttWySutU-i8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHKiL7qTbHhkttWySutU-i8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHKiL7qTbHhkttWySutU-i8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 3790 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 3790
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB6EC8HfVk_dVhzU1q2CNmg&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB6EC8HfVk_dVhzU1q2CNmg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 19 Mar 2022 12:45:53 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEB6EC8HfVk_dVhzU1q2CNmg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3790 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY0s7CATAB&v=APEucNWzyhYkVcZuXKNJuvIfm4ypDxp2qqhlcsQdEnmXvgCFOK7AmGhpC5WKsdlAykTCWbSZdtXwEF0ajhL4za3LDlk3vhT8SRzrKEF_JPjXtPc3CmqsNTIX37b8BtvoxZo4S_z3lUwqUwJbzDKMuVLmE_Cf5YpzSONpr2o8-CFL5mPXoyusjMR1ALoajZ0qLQTJvEuzggiQFqFn8nEicjZIdk-p3_dZcw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 19 Mar 2022 12:45:53 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 2BBD 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 2BBD 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 2BBD 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 2BBD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 2BBD 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame 2BBD 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 12:25:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 12:45:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 12:45:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BBD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
11055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BBD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
10368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 2BBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSC_6Wbp219XlGkIz9ofW6ZsMjlbSNNC6PLgvaeQY7aWamBIRJvOChf0H1pbaojl9SlKeFnVrqAxGxpAhp_fG-UvDJkw
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2BBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COsOJgdA1YvC4C96W7_UPqZqHyAbY_4r3aOeXwMW3D6_q5PHIARABII3kvSlglaqzgsAHoAHd2LiWA8gBCakCz-kzGhWKsj7gAgCoAwHIAwqqBO4BT9DL35P8RgQnnbPYvva70VLsaDWn5yyNKCtamGZHMy9EeLSJQBBStkmqW32AhnIWpxEMo1PGA649wFApcZgDlULKDOW9mb4qxGCMfgEU43Mf69ujG1mduWMz0pDJaq3af1e79Oge2Xy6OcpG1F_loYf8jM5yYVB_IuJ58WyBFLKFRYuIcWyl_ue3ztbfi5UMIvTWyXe9wPWeLOedz6dkU6CxiNKD3Ks0tpdr5mtXWSU7N46Cw_BdkzuPZtmFtopJKQdPhrG_Xyb5-jjgYZBWzb3om-AhW0b9HqrXlV9tCWTBvyN9BfrC8T0SfWsAK8AEz4zhz_kD4AQBoAYugAeLp8dpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnvoa0ggJCIDhgBAQARgdgAoDyAsBuBOIJ9gTA4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=Vt6pRZBof8c&uach_m=[UACH]&template_id=5000
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
container.html
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5409 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:53 GMT
expires
Sun, 19 Mar 2023 12:45:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 510E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
Origin
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 14:28:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 510E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4ntwkGvTQa8tOCFQgPZtpbRtIdpGOMr1AXs1hA8hv8SMxXKrXLFxuUUkeWc9_9hZHy35WzSTL1zU8wVf8VRheNmiYhu-ehxZ952aDiUctvAfxPN9Ex92br21JFyPG70OkAUTcY9ZoaKkMxvGdgGe8EOi8zw&dbm_d=AKAmf-CKPmluhVWGN0w_hjJu9GhrirKxeMfjyzBvSvxdL4s1xQ-fP_MGvqFcvcdqC2hwb-976-v1LZa23ACnHUYUH84i8XpPcR2kLGSE_vSGEs2TsZGVOItLDV8gYA98ePjkFibGrQlDZF0U7Aa70y-T7tWTec8RstAaWmrgY0amshH_d0aBl6mvHMxAZiJEqiiXJzu2XOexcqI945d4rJjbYkhnC0Vb_w82UJ19fdqEuLOxTJHfGffPez-vtFCy5DFEYy1Q2mPluSXmryWpxHhNy0DP6uyvHnF7Reu1Qe-HxznlOeGhrkeNWeXGPEOFCoJQ87KVTGD7WFL_cLF0mizqYVHbN33dULSnAMiobxlmTuY6whKRkfjVdpRTfjQr99d3aQzKdAiXNxIuqYslbjHbjYXZR5aCGgj-6szVeUHBu0CODAKe0cNxWGUouJng_AbgOgRi9Z-B3zcN6Vmxh46uewn9t3BMHKeoh_VOkTrmDWSkkhvTkQlE5zfpzNam1Go8_1wzUsUcaSv0GAb7mPxjqh_tJsGdYqSGfSR941TKiQrms73DTKBtBAbcF14k0lv0-eHqu0SurF3H6HhEvwZPaY8qUVCVFVKw75Xd-FunE4_32Mv8d2DgiXwZwrLAhSMYDu52rAOdU1sdipyPdIPpWzSuUDdO-MDpclhBWkrcj7mBzgi13j00T7KiKJA8-Df7YMHVB5vupUbB_xpA0JL78Nh45An9e-HZSR88f0QXZ8XvzS4nJwyaG99tlk30oL9ArrVigqJ8PbJ4Qv0yaGy0nHLTsSnAe-besIcBOQAW7dKIOxKQel64rBhTo2nbnPpyfjysbGY7LwjOfGRXHs_9X6ljlcF3Z4AWAx_vf8366qqY-BklviD_uGPtpz46ygRksId0xiIqrp0T7SGMSRjuGsTWxqGyKhJpOAYkF4T4qxhQLB14hKv4iZeKS2gz7iG3FintKm6cg_JElqq6NPlqcL91-m09GuN_XvpK0K3drQJ0ZkA-M4txtid9QFHQNFQ4q5mvoa1YDeXXfazBd1ujho35OjSRCOfnC0oaZ9zI7jLEFrEkVKf_GnWezRQa6g3-F3RmPO1nvMKVfF69LH0HUk3BDFz_hOXgSVf2JrywHXGDqyQEc-y4RkpqgksSggEB7w_jrgNb2Y3MYKkKTq9VeTBcIVgFD7JeCL9Azu6pAIb9B2ATzADbNDIoQvTfrOeVnGEuejYmQMHmqI5Dwl3veGJ-lF6pB-mO2-Z69WgD7nyd1iBKjMaaELYHJRR574-rexwJgTLM6JZwvGyJ9zK8lpAxgkaQlIzJNP2Fkhp8KCVBKR7_4ghXVw-CdRTplikZRc9wypN0sewWMJ7Pusx8DJckuEQ8YRqdya_uy0q6n6qp9PAYa7UsmQ77AydhSKaYzxOI81cTL6eArrMhUxerUdHRxIga00ngIfRkWJe9bs9U3-3SuHI7-ENP75Xebw3I5U8NemB0v1-vMW1XqsLZnw2YNVw20FhTD5PWcOGUZ6u_3BBFAKTWoAt6YFRwcT7e-q2vfChftYXQ_Vlej18bLjiYNn_9suAiY5jNUtjWF_Kr68lj8UfvRMh_vX9KuM5K_egtEQCUrzdItAMVwglFsYcTseKzX1-OY8ycdxkh3yOOMLRtyiaz9kpZqZl-Mvx6YuXEE5u3pU6j33iRj0UqQEbvcsT8zrkFW3r0WnvuSza2q1VygO5C7gh8JrafMpsurrdT8YvAcEdKhaGkPAfeb0uhO4k3-42nyMn-GzHloufvHj5z9ZjU9GTSwuSTRFCEUCWq1GYYKWN1_Hi5gTFD_Vd-4c3rmlLZPANOSPNeJoEKYZXdboiBrSqjXXD-SzwZBveEOUxRNR7b4Beg30oYwpyBnCMN7dlQ8ZkKKcURFVAuoMYCcjqt7lfY0FLFby24AsSokyI_bnXPOtXXzzC7da6ZSWwOjXQwXnZXk7ZF3Kw16u2HZ8Y2UGG741QoPFjE7N_gy5j1Obx4cQC9pqG-PiKGuDihudmQxZfTD0Ej_zXJ8zOmqpywVgxDHSGE5Ik6vTuph9Ga5nz-cgUWZZS9H0XrDFTUK9kaUvNtAwR-GCcIp4jRyce1V2sqCyiaOem-yWSVjO-6c741l8F4MRoXNkb0GR-LvFmhU823JqSJOOtJT-NFCkZtMg9yRj4kAk575JNKwPOShZgXJIJAoGdFwa0H-d3r_GMXTq6nstRvMQXIFXUi4-biU8IK2Xl_elDmpwgU78cs83KxfGKa_3VDvRXRY63950GhLVMCblLdGfArV9m0tP5-OYSqYvd8gGVaOqZZ-thzOjo1XlOqK9rDup43dw8XukDrxmYtjgcEx2idIEewj7EIVm5uGdlcDwCWcnAt2odPfM4BW5apM8xkghm5vOb_x99bU0dvYV5Ejv5FQKQQHXF518XcDp7XuOtMpqhFt-CVpk5xlhM226ZH-xp6ndnDyWHIcAnPBC9SpxGIU0S28FG-UIXvUZKMtBerhGi9pgG85QicAjdmEkbzZ9Wp-MTZ-lAIUtQizuQIxs7IcTFZifaWp_2NhuT9snIqsfIipXzNdKbbofWK13HedLHMZbuBnx_Qanf3iXIexxMW_8nc9NJF-CRs-ovAsXaXkjdpIdSIqq2YXW-srktK1_1-XMCAsKBtb-K8hpQ2N9AaspdZEJC1xjIQ8T08r9smDicKCTta_AJtmqn1JrhipyY1ZTNkTf2XjHNYQjVM5X1whZqlhJW-EdedvboXiWd_aIaKgoC7MAH666WU00qMiTT_Qe1LQgmlYh7WBW85L-LlR-h18FHvjgK-48Ynea0u84PBSfEZ2jstox4YQ0oU2ZjkqW0M7IW8ehyBdgVaZJ1-9kd2bxQEvCCRU99KESye0bZFb1vhvv-FAxs5x4jFKVinevQZ1DAEe0AwzMCO901AjJDTBArJL_uMYzhOf8_-j6bm66siecZmxmI2ft_pDWbISbn7Dlpv1ylLVgN1lUY4CH1n8sN0hyMacdod0ZKGjyp4tWZSjwZwt1UUPm10IeuoK_tHUQgOe56vlZhCVYt2B9k3G7N6RK27R_aCG-ZydYaa8AiPgQf3t4pjXPZljpXoY0bE8s1qqhUx7MwsXT8LAK9_AI51e33qNE9MDKTKtLXdl6HUSy1BDJKKl0qMhfgZhSVwGAgZeOrT99MraMeGfdWOMAk&cid=CAASJeRo6Q8hLiP2BZPAyVkcgH8yndV6cZ6XszSJYB8OnqeP0K3qBKU&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:39:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 510E 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4ntwkGvTQa8tOCFQgPZtpbRtIdpGOMr1AXs1hA8hv8SMxXKrXLFxuUUkeWc9_9hZHy35WzSTL1zU8wVf8VRheNmiYhu-ehxZ952aDiUctvAfxPN9Ex92br21JFyPG70OkAUTcY9ZoaKkMxvGdgGe8EOi8zw&dbm_d=AKAmf-CKPmluhVWGN0w_hjJu9GhrirKxeMfjyzBvSvxdL4s1xQ-fP_MGvqFcvcdqC2hwb-976-v1LZa23ACnHUYUH84i8XpPcR2kLGSE_vSGEs2TsZGVOItLDV8gYA98ePjkFibGrQlDZF0U7Aa70y-T7tWTec8RstAaWmrgY0amshH_d0aBl6mvHMxAZiJEqiiXJzu2XOexcqI945d4rJjbYkhnC0Vb_w82UJ19fdqEuLOxTJHfGffPez-vtFCy5DFEYy1Q2mPluSXmryWpxHhNy0DP6uyvHnF7Reu1Qe-HxznlOeGhrkeNWeXGPEOFCoJQ87KVTGD7WFL_cLF0mizqYVHbN33dULSnAMiobxlmTuY6whKRkfjVdpRTfjQr99d3aQzKdAiXNxIuqYslbjHbjYXZR5aCGgj-6szVeUHBu0CODAKe0cNxWGUouJng_AbgOgRi9Z-B3zcN6Vmxh46uewn9t3BMHKeoh_VOkTrmDWSkkhvTkQlE5zfpzNam1Go8_1wzUsUcaSv0GAb7mPxjqh_tJsGdYqSGfSR941TKiQrms73DTKBtBAbcF14k0lv0-eHqu0SurF3H6HhEvwZPaY8qUVCVFVKw75Xd-FunE4_32Mv8d2DgiXwZwrLAhSMYDu52rAOdU1sdipyPdIPpWzSuUDdO-MDpclhBWkrcj7mBzgi13j00T7KiKJA8-Df7YMHVB5vupUbB_xpA0JL78Nh45An9e-HZSR88f0QXZ8XvzS4nJwyaG99tlk30oL9ArrVigqJ8PbJ4Qv0yaGy0nHLTsSnAe-besIcBOQAW7dKIOxKQel64rBhTo2nbnPpyfjysbGY7LwjOfGRXHs_9X6ljlcF3Z4AWAx_vf8366qqY-BklviD_uGPtpz46ygRksId0xiIqrp0T7SGMSRjuGsTWxqGyKhJpOAYkF4T4qxhQLB14hKv4iZeKS2gz7iG3FintKm6cg_JElqq6NPlqcL91-m09GuN_XvpK0K3drQJ0ZkA-M4txtid9QFHQNFQ4q5mvoa1YDeXXfazBd1ujho35OjSRCOfnC0oaZ9zI7jLEFrEkVKf_GnWezRQa6g3-F3RmPO1nvMKVfF69LH0HUk3BDFz_hOXgSVf2JrywHXGDqyQEc-y4RkpqgksSggEB7w_jrgNb2Y3MYKkKTq9VeTBcIVgFD7JeCL9Azu6pAIb9B2ATzADbNDIoQvTfrOeVnGEuejYmQMHmqI5Dwl3veGJ-lF6pB-mO2-Z69WgD7nyd1iBKjMaaELYHJRR574-rexwJgTLM6JZwvGyJ9zK8lpAxgkaQlIzJNP2Fkhp8KCVBKR7_4ghXVw-CdRTplikZRc9wypN0sewWMJ7Pusx8DJckuEQ8YRqdya_uy0q6n6qp9PAYa7UsmQ77AydhSKaYzxOI81cTL6eArrMhUxerUdHRxIga00ngIfRkWJe9bs9U3-3SuHI7-ENP75Xebw3I5U8NemB0v1-vMW1XqsLZnw2YNVw20FhTD5PWcOGUZ6u_3BBFAKTWoAt6YFRwcT7e-q2vfChftYXQ_Vlej18bLjiYNn_9suAiY5jNUtjWF_Kr68lj8UfvRMh_vX9KuM5K_egtEQCUrzdItAMVwglFsYcTseKzX1-OY8ycdxkh3yOOMLRtyiaz9kpZqZl-Mvx6YuXEE5u3pU6j33iRj0UqQEbvcsT8zrkFW3r0WnvuSza2q1VygO5C7gh8JrafMpsurrdT8YvAcEdKhaGkPAfeb0uhO4k3-42nyMn-GzHloufvHj5z9ZjU9GTSwuSTRFCEUCWq1GYYKWN1_Hi5gTFD_Vd-4c3rmlLZPANOSPNeJoEKYZXdboiBrSqjXXD-SzwZBveEOUxRNR7b4Beg30oYwpyBnCMN7dlQ8ZkKKcURFVAuoMYCcjqt7lfY0FLFby24AsSokyI_bnXPOtXXzzC7da6ZSWwOjXQwXnZXk7ZF3Kw16u2HZ8Y2UGG741QoPFjE7N_gy5j1Obx4cQC9pqG-PiKGuDihudmQxZfTD0Ej_zXJ8zOmqpywVgxDHSGE5Ik6vTuph9Ga5nz-cgUWZZS9H0XrDFTUK9kaUvNtAwR-GCcIp4jRyce1V2sqCyiaOem-yWSVjO-6c741l8F4MRoXNkb0GR-LvFmhU823JqSJOOtJT-NFCkZtMg9yRj4kAk575JNKwPOShZgXJIJAoGdFwa0H-d3r_GMXTq6nstRvMQXIFXUi4-biU8IK2Xl_elDmpwgU78cs83KxfGKa_3VDvRXRY63950GhLVMCblLdGfArV9m0tP5-OYSqYvd8gGVaOqZZ-thzOjo1XlOqK9rDup43dw8XukDrxmYtjgcEx2idIEewj7EIVm5uGdlcDwCWcnAt2odPfM4BW5apM8xkghm5vOb_x99bU0dvYV5Ejv5FQKQQHXF518XcDp7XuOtMpqhFt-CVpk5xlhM226ZH-xp6ndnDyWHIcAnPBC9SpxGIU0S28FG-UIXvUZKMtBerhGi9pgG85QicAjdmEkbzZ9Wp-MTZ-lAIUtQizuQIxs7IcTFZifaWp_2NhuT9snIqsfIipXzNdKbbofWK13HedLHMZbuBnx_Qanf3iXIexxMW_8nc9NJF-CRs-ovAsXaXkjdpIdSIqq2YXW-srktK1_1-XMCAsKBtb-K8hpQ2N9AaspdZEJC1xjIQ8T08r9smDicKCTta_AJtmqn1JrhipyY1ZTNkTf2XjHNYQjVM5X1whZqlhJW-EdedvboXiWd_aIaKgoC7MAH666WU00qMiTT_Qe1LQgmlYh7WBW85L-LlR-h18FHvjgK-48Ynea0u84PBSfEZ2jstox4YQ0oU2ZjkqW0M7IW8ehyBdgVaZJ1-9kd2bxQEvCCRU99KESye0bZFb1vhvv-FAxs5x4jFKVinevQZ1DAEe0AwzMCO901AjJDTBArJL_uMYzhOf8_-j6bm66siecZmxmI2ft_pDWbISbn7Dlpv1ylLVgN1lUY4CH1n8sN0hyMacdod0ZKGjyp4tWZSjwZwt1UUPm10IeuoK_tHUQgOe56vlZhCVYt2B9k3G7N6RK27R_aCG-ZydYaa8AiPgQf3t4pjXPZljpXoY0bE8s1qqhUx7MwsXT8LAK9_AI51e33qNE9MDKTKtLXdl6HUSy1BDJKKl0qMhfgZhSVwGAgZeOrT99MraMeGfdWOMAk&cid=CAASJeRo6Q8hLiP2BZPAyVkcgH8yndV6cZ6XszSJYB8OnqeP0K3qBKU&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:45:21 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 6D82 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 6D82 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 6D82 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 6D82 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2ed8a35d6fd1f5bf0923284f1b2e0400a97cbaacd5abb2c674ce566b0e81fec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
408850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17325
x-xss-protection
0
server
sffe
date
Mon, 14 Mar 2022 19:11:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a19a9ab87656847d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Mar 2023 19:11:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 6D82 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 6D82 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame 6D82 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 11:05:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 12:45:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 12:45:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
11055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
10368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 6D82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4AsG2d0YdgjgGqDXDOT4AjpEzfLOwR6WAxe3A7iQKDyy0hz4ELrhYIA-APIGR2V7isM8L9GgztHBAkU-JeS9vXetyYg
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 6D82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeiMEgdA1YsC6CbutlQf2nLqIBrPbsfBomqzPmtYPnvKY4sYuEAEgjeS9KWCVqrOCwAegAZ-f6poDyAEJqQLP6TMaFYqyPuACAKgDAcgDCKoE8gFP0AfDld58VXphZgN2cWDNaFjrfcMXpIaeQ__CUfDqWbOflh7kNGrqUja_4pnOc_Rzum3s-bqfZ60HMw1SfdEs4OYBxWbpYQ5CQBLEGjC6biACLIyEI5bijwVU3At1Z9YukdKTb8gOZfgB2vIzp9w0SLcflSb7h6Q5PpYAn2Gzite165C8H0Uz05DRhjVeBz51mW82IbbZWiAR7QRuuIs1H83gm2pY-XYpK7tF1YR5pEy6zb1pxMXnb9KmIgK7iN5Tu63f0dPvVoQGPGJzQkToxVPWAEVCBdS6sKp2wzZ51fUmVTNDbT9T94p-3CCNOEuDkMAE1-jN5vkD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6fM0b8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQr93xAdIICQiA4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=rYiOSrqINkA&uach_m=[UACH]&template_id=419
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A1D8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SbpPnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8DC3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q3rQLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BCDB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Fri, 18 Mar 2022 13:26:12 GMT
expires
Sat, 19 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
83981
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 857D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
191843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6334 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8d5b18285226a942a9ea6c508f7e04d89483e0142e69ef2044be9544154e418

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/14152269964109207562/ Frame 2BBD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14152269964109207562/downsize_200k_v1?w=195&h=102
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac15a5f6b90178db22be2a07f2dcdd21ccd9e9980a7610a1be2c59565fee02fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:00:18 GMT
x-content-type-options
nosniff
age
197135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6143
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 12:57:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 06:00:18 GMT
truncated
/ Frame 2BBD 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BBD 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BBD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e2280380dcfd812992031eda8d2439b9cb3f503747764f7eb4669fe66ee3b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 2BBD 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anhdep24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
309496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:47:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AE19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3006563798845522&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 6334 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq01nOFr97BDE-moaj8THIMDXflYSXRl_iTdvN7xlWFADFhUXM7cYv4r5asz7ygcKVHgfWoYrSK86JvqkffJmU4K0mZGRP3RbfkXA5jw71iQ_tshj-vDeoX1gbHeu5YYQlDZJSxvu8whqUv7XTZ7fiUg73ijWHvA9hhNojeCAse8n9d6rZnWWqFrAoOdAbIJvJDYo_mHP8jKJ-omnjaOTUiWkKFQMr62yXmY7-NHgHkA1xG8uFEf8mSqEnkReujonuoChi7FhGQT9yLZTUwzrAn1122kgK_qbxDpPwAywgQ5nq9CHlRkAlsa5vfCB8z3V_fjh3Onb16ZdY1zaOEqxGb7ivrTd5AdZstMx9V81zxplk-MdH5lNNwcV4SW2BcGAdZWoyjH5MsRpu9N99au-QJEnnDwVsISYUJ3HpFJXHyWRjVbFZc8gMIpZ_mazmZW56ZuB0PzQL-c2-W9ATWNIUkY4_WScKyGlZ1itaCzJET97zBDyW0EH8lRBNbK3ABfUbjkTVJZzixmE0EilviAwDO_aBZNitSftYhoYp4mEHB1sKTklr5WaWAqE5adH0vgxJuyeMdoCSltDhREEbLxzXuKJGT5zVnil_u5Fsu9sE_m7fqKeZkvYKvYSrDG8ys6oiXrdzAcpPGZFGFl3xckshQH1QEgEKcjilAcYqyrnQmRRKi5EGupfQ4EWpcLzu2yLyB4F3FrnysvIWUbxhwBbJ5MMfO1qKIteMcJqHJT112SFXdQzNxPlAQAofc9ODQGkf5tv5KadjEvw-ipGsd8S6XshAcH-zn5igxYXDEi2e7Wh_8X-ECMU3Z60jnoMjCOHW5oq85sGvJQVy6_DG3ya7OmBSW3PdyMIXBUOYtwMnJZSsMr-KfdvNNjyYw4AaMkstGnsY5i7acyzFb5gkyFWJfiO6ZAqu3meTZgh5i9gZCWNPM2n_BRJ_fnFSewyakz5DeHCaY56-bwR462UnbPfxEAWL92IyH5mc45OAvTCSQTiroPeap6vZ-y3nNy4hvfVizpJwKMJi95UNUkrozVxFlSOGMt26fGfgaqVRiLtjzcX7mUAIGwNU6vONaiCMdLaiRqIx6LrF2pIT29_4Pn5M9hBM2DuUo7IPx1KmxH0ekTwvO3Kt0PCgVa3OMkmE_a0XNRafJ8VvLGe9Ff4rRbZf9qGkLJQl7Bxr5PyrHkjOQ2KBZNQYj9eiOW-q&sai=AMfl-YQjPZW4srckEml4JpwPSWgYHjpbyVxfAwQwZQxv3d4L5p9eLpUuCB_rNJVRRhJJNkAqK446WvWYJqWcFqtPS5ZXZeFfF-AE6yA-5ImdhXUPuFANOEyEdVjxPYSgX2MTc44x-NCjYxZj7G3W8h2EVbaUa4Fso3FNFGaFmhcZtyiX2hJ_dX1NUZDq-MfCklizNfvgBqMaW9P2KVUvl5thoZtZA1NbQ86kdt-KtylCc0YmuY_c5U6RlTMDdMhgGl7god2fBM0WSFs3H2Y639JbxeDu5qSTdg2K8JIoNU7YL5zg&sig=Cg0ArKJSzL5sg1NpwYn3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=295&vt=11&dtpt=294&dett=2&cstd=0&cisv=r20220316.73967&adurl=
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame B565 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNU7uF8SYVXYN8_2W9Jd3qUwl56_KY6TRbfsahbWuS36qJ3ITPgyP9RshP9asZ7kbFQ7_PPw1lE4Sz7AxcVp8JM6QLUc-loBTdwkJZ3m4b5hiqKbca2pfGb59nlidrlsTtr_rIlZt0wRP9uYhpTtXLgr2YQwzvo0pqsav8omVpjuEZHT7U7G2ApXaouqCkF_qZ13Up-B3k875tCFrjnsp9gcwyPkbA
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 19 Mar 2022 12:45:53 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5409 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVnUoSZAa8ND4nZKeGg1aD18m2-ExTwC9_-BFrWMX1eRGG0AdRnaZ5HHJmzHJD4t4bHncI6kJ_WrFou8AKY_lcBmh01FfH2r2OXSZyuRzezeQOdkpF6nOHuVmSTn8MibI2IDrmZ8P82_7Exl4peUAW8GhPtw&dbm_d=AKAmf-CILTamJZtxIaT-2lXAVhAiAu23YysHAcdNded_QnwzOpRbeKclmbGbmTKwT-qT0dsYEf6GROHW5DwbukTgQOywI3RUHoxKO2ATScVL_i5iHU9yQFRW08_CUnT_oJonRWbUPGpYa1EP22vyxPSsHhproOYU-crkbirv7HUXPpQ5j6pA3pogKKuncrN8sEZ8v1BODy8-sfn_chd3Q-HV8p5JLyzT7A_Fyw7xHG0esRQkHACZKQCnSwLGE5J61gnAIb8ZTIqiwUhYSBAJxRxsa9LplFchqMw4UjCGP3d3IYP8wNbEUE4XkbM_9EQbS93r70iCmdG4Nnpx4ZN1fmcGuj2hmnldsdYrpHDg46M6h80ZgbQi4ReBja_pk1BTGl7w2yAC-iulyM8cnGVgyH77UESV1-GNzAzQXoTGI5lVMHD0BYDOib_o9_0Vq6kMT6WvdUc6cFgTHGcZaQz1qH243Fs2KMnNYSXPmsiWfC8GXjYlAmaQngJtnrElYdLB8j5yF41qOqA679cHTSijrh4Yun3rDP2VVerxay4AM-uMXryKq4yYUUxLQNEtRnr6L7rg-hJkSAc_c4bfHzOK4B13ceViSVr7Nu5ccmP6fhJttXzSIpxExOy9t5G3mrSKd4S4c7a4ec87fut17wYcEi3ztLt2rb9aaycQSPCqS7dKrsTf07hZSkkSuI4QLluPyCtIWT8MAGMiyZ3BM1G2kw0T3g1E4_Wfqaau84u47Goifg52jdxe_pmTbbLYbLzeLMR3chwrt09ZUz1lXEDgN_MBvgKr4VuytYegqiuUg7AzchJGtCOTBZp92l4Icf1lLZtxZvjtXWfGytgzrHsjvbLXM2xPUf4spiyGjdKpIMHZ8w0Tdvu69YmlKwhraVDASsGIdhMVE08GMWe167oSvGG6d_g7C01wb6ugkkEg_Cox78Dxlwiy7qfem0obuG14hHPHGNILYqE-bEP7mmqhswJJppxe9wKR8o1WO1jJAY0uffRwa5GZqo3E1cn9Q7Qp1r9i5FfGURbaho2cRJ1LKF5NET3WPOfuyf4pVLru-2wzFnnU3xxJu4NYW1I3rwjobIHBJiRRQtZxDwapmi2fE-1e-WPFuGyyvkAe_CspgZgGTJse9ar9d3HVrEk3oFBUXXaG8-dLLA4QAS7WHR85QSCf_X9YPwsWrGHEeYoXpXKbg2nEOsEA3UhSk5mXFsWwtTqJCjULvjr6l1lqDpeuZwYF1wwwOg60rEQ2C8E46YZMzHARqieW5Ey25WErXguRFzLYR2Gxl7OgDDxwSUD2NTQ7OH5kgUfYpc59faRiGlY6ciYpECyB8ENE-S7P9ajEhkHU4IpV_ILw56zVgaIYJY-qo-FmhbRKgzLUhiauipq62n8uLsGYaQkHrFLtK9JBHnPEYe4t7WY8aYbgsprWmqngKy3g4kli-eynaKZWq5uCNt7MiOS64NlZ-o_5X53epb4xzgTb2onVqSr25RW6zMx14ndJPx8K8ixWJcVvy1IPdlfQTNbqeCDyTifZ3w1BcpMiWU0BFaxBGEAnPNXuzghq5PstnmVj0OvvO4_KH9IbX3YYXd7kAdWldzsypeGN6VJtSn4eTkARhwZWN3u_5jy4Rctb6C-0lj3nuJbLmz2C98kpmdLeivZWP8HhRSatBrBHEeEbxTfK8P0SasHHBkuBRx_qtWyVQfoq3J2CKzit5wv8Et29yVWsWSo4wpcgFMH1IR3j-3MaSwA2seG63gJmy1fX6pstt0QcEa71dW5yL5NRjhaJKj5nnu_74vjJGECqzxVAMUuQr8-62duRjOEU8ooGfKKCJwedeKgNzu0bXFILEYoMHJ9n7CVM9d_AoMDmdmw9HDjQIhjQUgDwCk_OOCXkT8FCV3IPuNrp6l5OftEJ_2inrCptUIeqxoGqtqRGIt6EB50wOK6J5ehV4wyZwAwcYsnkcaILQUxK2YhnfVYjp1VurR4Ei5KBh4_76JZwuugUcrPlcGn8npgcjKWYi708mtsi9PtgWbymyuEfpp-Uq69xTmRm7ouJpZhuAxUgZ5aX2lNnR378zKrGUmXHvx0TbIVQbQP5rGyG8KQ3kigkQQcXCOrt9jFPlRy844qs5kleI1j-alVe3JIxt9p3KybjzlAxhN0KZG-VLY59dJG3teqPJ2BuWr5w7EYoCZdW5sjAUgjaGaDtUmF1Z13cH0i85X7TVe-4VHlJUOM8V_GljZVX85L-4EfKsDgjcyACBykok1dL5Tv_c-sELQFGIdpDKxJd8YUwe2G1M_UFWANROKTSWe1ccLP8nyOhUkTlu4yoo4XoBl6pwDyIR3pPwgVKIqnBu1NwrVzg3LZ504l9-p1GxBz4ukmoFGCtyqxBzPFfogu9b5wAW3tswmR1SsgZ16AKiGgYC1XwXRGtFYSBw1Fx9eQ1iyz9hhudxVckGZslXzvD0K148ep_L9zzT-vmRMvD0E2okmxM7lz4g8By0mh9bc15AxGbqWSUzH5VOYOWTeT_R3B1dMAqGOkOBeai-ueBmaWiWyGNh3izIloaXF1yOAtH_xiZa_LNUMMa-Blu9CStU-lsLfmD_QBpzkCAmyCMpdExVHdfjn4910iPf5qOs7y95tBskmOdBoqTvg0M2qekGrgWJ7VxldZVNW9Dv6j8sdcu-E13xTFVaVx7ZTurP-yzpQQK9d5CmGAL14pBJd8QrPHLQH98iQDDR14jsJpXlV8UZ3IMZPMmSRjO5afYS2smNDpoktKAgTdmdu_JLsPDWZlYpRBuESC68MMv964hUqxmEx6LB-fhvnDf6V7J8vw988VMN6w8KjUCPtkk5t_A5ETOU3tMRTMFi2EnOOeRrzl_a4jVzGOxMlkt4c2RHz35fCPi52TcJ_cdfBnzG_vRSCswPmEQPU4PL_ExH2sxkh_viDCXv200B_C8WyHPtlkt3qPCfJ5y5tq9h7e41_qgtj1H7ARudlYTdoEai6epgkabccG-GXTR7BW37f88ukg9X7OxTDHaVLV1Eco4Z8BG04Qpuwkh2UCE2_W2PhC7J4kXfJLoA34CxmZj3LdI92sQgI33hiUFiEtrIngG--vRAiYb0uyRDW69u8nXvC_sFvo4uDJT14NHv12JegMf9xlOFPHCIiASa3zG_3IdzkzV28jfayXuFO0HwSiZOcuMvUD4iUgzbuRjpTeqEvN5Zmw&cid=CAASJeRo0TzhZD3mdbhp-Ue33HOE2r0UuOmB6UeOG4LQ-iEYDlPVfm0&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f40e6685bf42923427be232ea8c3993947d77b333c5566c64bc95b8e5b3e2e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32732
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5409 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BO5g5MVUQ_rheXpcG5A7LfBaBTMRlsytC2Eg0SUOMtTXEGT1P8_hyWw1rW6DV8xfGLezBZ9nlQe3ODXaxtIXAIYA3fk10F8NPLFpQdOHXHA9Idr0Y
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 5409 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:45:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5409 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 5409 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:29:49 GMT
l
www.google.com/ads/measurement/ Frame 5409 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0suU5Yo7RqKiUXXIuksO6a_Y84ViTs14NvD5n0Dy2OoxZabbrWxeTdVot2dr5Ohn3Q_nXoNn1EbuFxg1d1sPRwiY1XA
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
truncated
/ Frame 6D82 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
381d083fef9b15cb752fc19ff1e48a31500903332f33fd6102a7f8d5ddcfb658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
bg.jpg
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/bg.jpg
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e735704edf0c426019c4ae9ad0be01876e6f63ee12c92f62c80fc6878325b12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62335
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
text1_1.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/text1_1.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d63d5406b15a3af2a08eb0375ef52fe709953e90dc773334a084a45a01c1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2146
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
text1_2.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/text1_2.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53ca1c3c7a3e3cc43321e37a3bd12e9d3e13ea4648ff7ed1cfe9bf0470d815d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2086
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
text2_1.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/text2_1.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aacea7e08de8d6b45fcc08fbfb677c7c7859096c7327d8b0b6e66d40dd9d6b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2221
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
text2_2.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/text2_2.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76203b6be2c55e2d19ba62f98bc0806bfff9366b0c6bd29b9ebfa20cb29a990b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1802
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
text3.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/text3.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70f591ddb8379ee779003ada24877c5b08e6737fdeb5ce232c2a95dfeb3b9e9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2541
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
stoerer1.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/stoerer1.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a6cd5a2a2478d2ae264e12aa48a9fec0e4f940e8b4668081f30e2312a85da4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3835
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
stoerer2.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/stoerer2.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
584d7e64579f0e2a3138d2552fb0b8655b02a4a4f244cd056eb39a717afe4feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3424
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
stoerer3.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/stoerer3.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b159a0cdf39793c92b99dd78b847a2fc1e3620fb4cef689bb1d9dd123ac916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3309
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
logo.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/logo.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b067ceb85399fae47b2969f7d6d110db5b06f8db477b70fc1b4d08b5a0eb0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2852
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
info.png
tpc.googlesyndication.com/sadbundle/9375659732293331376/img/ Frame 6D82 		666 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9375659732293331376/img/info.png
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4189fb507176e7c18b174c36ddb0b61ca5b4b8e2a01fe6d74c619623c6d6975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:48:31 GMT
x-content-type-options
nosniff
age
147442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:03:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 19:48:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6D82 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://anhdep24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
323164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 0055 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
728x90.html
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/ Frame D957 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447eaf30388fb18d4a05585be04b8cd938c69dfa24fafbffb8ba46b323b96d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2320
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 17:28:07 GMT
expires
Sat, 18 Mar 2023 17:28:07 GMT
cache-control
public, max-age=31536000
age
69466
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 510E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu78DQBk5CnNetz44J1lsr375YXq1IHP--EhpYvKu0ngAhZciucnvPHILpHWzVh5CeAW_5CA8crIFJ6CGJQP8LrRPBdwLVnosYwYnOBwqA9bMTf3XzYudizPoufxSfv1GDMPaDXreKsSGy-ToD51M_YA_ZMlSriJ3QJ4sAWLf9I9m0k3k8N952p5hz1EREMXBDSAGcRFYfGPRFwwBvL2d2W-8TVxGesqlICHugFpXlEY3CHidPIO3ebSR1qEJZ9kSRESnRK7m_bSo9-sHvvOlzdCNg0EfqVedOI7QkgP9Y7c-8zw20VAiNY6s6TlldLNhMmxGUSTegpMaElDwwDxW5n3Sv6zW_4fRc8mtxFCWGXPj5ZObIUvgNl07-HNozopEMw7PekP6DGEilMhdZfAIZeOmQx1h4H4-M1K6k_WJ5MjrhytftI7n_ZnHxabnH4JFYLUdIxKZRe8yjC8W91hduqDQ9gHoUlELylOUSKRVfK224zyDu2h4zh7FS7iIU4S94Sc0budpRwaLZCEkKI3kbqEWSkYVMCBcxyZ7DxBOGPA_S8AQW5-c3g1KIwlSlX-1JeTkVXp4A2Zo7UjFOcXanjvTGJAReV6uhQqMesWQWXilWDc4K1YRdRc6pmHxoWvXQHDPbdfYQ-DDCdAwPlNVAzruOsfMwCExTWbO7APHa8R2CQBGSDnxXI54D7EFBJ1bhOOT0U8SbmPQonNCrYlMg19YUuojZRBdo0eUYgHhgHfui8427N96kmEBnt6YYjv6ce8s0wZlWW9kjQphQuj41y4PIDvwaUK_GhdTnqz--4WweB4ArAn1XMf06XrUV8E--D-0DzhrpXpaJbHDjplYMabK6wNEqILAirebhntlEAPp-wF9y0-dOuo8ZBVVU3EehmOuhgPs7jO7Tsb9gnf4hxUKnw7-_Ex9HI8WKOpCkvWffgIN8eR-o0fl8_MZavbLGlQR7SnWR1NjkgjbDnlznNtXRPD--yzvD2jldVUc1VxoQ2RY0S0PqMKaTBDwEKKfP9ZkZwTRNJXO8b-4xIkw2NbPA8FkhZWFdPJwPeAmCESvPq9j9gd5bXq5E3q3BTsxIdm-765RNmLGUyIre_j4Q0r2wQO1TryBfmDgUv3ffMfpWjm0SkI1pXk92jWBIbLIqmOJ73PC85FsNxyyI8W1ZPEcr_ZKQ3bVdFf9oufw-b8Qd4uapzkkNZTn7jiKwt8cLuvsYyM2HQD14lMUOLnCQ4L5Hezk8Frg&sai=AMfl-YQjsI3sPliXedFTbz1O4VbMrmoRzD-tMiSiRQ9VhHIatq8TQGlG03EDsYjCZSbbNY8UEgDm6eZmPeh2DubahjVZvT6K6ACGH28z0yni94rUuu-dYpUsnMsdRg6F86vKNAJJCI9l7IZ09xIaRLT1ll3l36hEJ8Y6FFRJfftsh6KxakNd5DICFQy5eZf-QeX3EBgLxcvB6v5T8y-Pvm5WymAx&sig=Cg0ArKJSzD6P-lp0ProXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=242&cisv=r20220316.86784&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Mar 2022 12:45:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
node.php
node.setupad.com/node/ Frame 1D0C 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:53 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BCDB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEtI_B1X4OaxQwobwBIVeVY&google_cver=1&google_push=AYg5qPLpyXHAmmW4nqvPawe06AzsBvCWSi2Lb397-JHbeGX5uCUAeTVfdadjP4oKaL3KYuDGuvAyAcVrEwtUdUH-8mYfuco9LSfHIw
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:53 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame BCDB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENvwUHY6DkhUVu7bXmzsqC4&google_cver=1&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqE...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqEctLcw8w&google_hm=NDEwMTg5NTQzMTg4NTQz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqEctLcw8w&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Mar 2022 12:45:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3GAQ_Z_U9R_VE2ccJLhucof2yCEm5XrnKbwfctCuEc0DSsZeEkcGRg4Jcrj8Ux85mB54bc_Gm0XU_u96bXoQ4LqEctLcw8w&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame BCDB
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPcnadHPyXF09Ns0IXB7Ixg&google_cver=1&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPcnadHPyXF09Ns0IXB7Ixg&google_cver=1&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAU...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLKBC_zlZ3UUltKuDGaeDvDDCYYFGaenj4rMwrnmTeulJmeGdIvPaRT-222qohncu8VNpxiqPBdyF6Q39KIPzLAUKk_eKzPEw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BCDB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO-5VRgNZ4flQHrUHDtJBcw&google_cver=1&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODg5ODU3NTQ0NTE3Mjk1MTMwODEx&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODg5ODU3NTQ0NTE3Mjk1MTMwODEx&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODg5ODU3NTQ0NTE3Mjk1MTMwODEx&google_push=AYg5qPIwQjUHNDXMyrNWutrq9H72ncVjURegOTVcAKjLjvvu5Q6SjJcPQJU6vRiFkDSZqmnpykg9_xjoWeIvDnK6Io0Zuj81xftk
date
Sat, 19 Mar 2022 12:45:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
rtb2-useast.e-volution.ai/ Frame BCDB 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEH3YGFFCaa_pfPCXWU-WlV0&google_cver=1&google_push=AYg5qPLY5uN1pwGxSRbhvYfbxTKKxaWDaGlMrrtUoN3tMJlfD_W_y1XxVJXwEpps61uMwwmJtuKBtTLvZenxqVMz3f5Wz9okWJk0VD0
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame BCDB
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJPA0tztMP6kqOMML4l-Ukc&google_cver=1&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj8...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj89EP85cjI&google_hm=Njg0NDU1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj89EP85cjI&google_hm=Njg0NDU1NTM3ODQ4MTM1NDMxNA==
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKC9AFjSxFMZoa56H7mDaseIgfKhzvlQ2Z21RNNo9k38v8sgBNhFSxktSjJVXqifVAbi-1K30MjHV4lHNrmLGiIYj89EP85cjI&google_hm=Njg0NDU1NTM3ODQ4MTM1NDMxNA==
Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
0.gif
id5-sync.com/i/495/ Frame BCDB
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEAhm9SVJnCA8qgILQ_bGfkQ&google_cver=1&google_push=AYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwdMFnBx2uTS6Zn-c_JtCp-rhvMrbYCZZfsJQQ
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwd...
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwdMFnBx2uTS6Zn-c_JtCp-rhvMrbYCZZfsJQQ&gdpr_consent=&gdpr=
Protocol
HTTP/1.1
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
274
X-XSS-Protection
0
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Expect-CT
max-age=0
Vary
Accept
X-Download-Options
noopen
Content-Type
text/plain; charset=utf-8
Location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPIZznxYZrE5sTCXzyeUVE1hX1nvAzUFA0Mmdh8527ZNmQuIltoTAPQDtQRdqcwdMFnBx2uTS6Zn-c_JtCp-rhvMrbYCZZfsJQQ&gdpr_consent=&gdpr=
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
attr
cm.g.doubleclick.net/pixel/ Frame BCDB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JyOCq0xEiqqtJCbuJNgJPmVHduM3phGsu0ELFcbHcKcZwMthounIl3ZNbfq9R-lE7o9bQ48BBH
Requested by
Host: uuid
URL: urn:uuid:8475b13c-33ce-9adf-b30b-9adf33ce8475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 510E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E746 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Fri, 18 Mar 2022 13:26:12 GMT
expires
Sat, 19 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
83981
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
partner
sync.search.spotxchange.com/ Frame B565
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1&__user_check__=1&sync_id=83d247e2-a782-11ec-af66-1024185a0406
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1&__user_check__=1&sync_id=83d247e2-a782-11ec-af66-1024185a0406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNU7uF8SYVXYN8_2W9Jd3qUwl56_KY6TRbfsahbWuS36qJ3ITPgyP9RshP9asZ7kbFQ7_PPw1lE4Sz7AxcVp8JM6QLUc-loBTdwkJZ3m4b5hiqKbca2pfGb59nlidrlsTtr_rIlZt0wRP9uYhpTtXLgr2YQwzvo0pqsav8omVpjuEZHT7U7G2ApXaouqCkF_qZ13Up-B3k875tCFrjnsp9gcwyPkbA
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESECOznEm6TvDjZSJ8u_XnpNQ&google_cver=1&__user_check__=1&sync_id=83d247e2-a782-11ec-af66-1024185a0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
29
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B565
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODNkMjQ3YTMtYTc4Mi0xMWVjLWFmNjYtMTAyNDE4NWEwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODNkMjQ3YTMtYTc4Mi0xMWVjLWFmNjYtMTAyNDE4NWEwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNU7uF8SYVXYN8_2W9Jd3qUwl56_KY6TRbfsahbWuS36qJ3ITPgyP9RshP9asZ7kbFQ7_PPw1lE4Sz7AxcVp8JM6QLUc-loBTdwkJZ3m4b5hiqKbca2pfGb59nlidrlsTtr_rIlZt0wRP9uYhpTtXLgr2YQwzvo0pqsav8omVpjuEZHT7U7G2ApXaouqCkF_qZ13Up-B3k875tCFrjnsp9gcwyPkbA
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODNkMjQ3YTMtYTc4Mi0xMWVjLWFmNjYtMTAyNDE4NWEwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
23
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame B565 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIWE-cEBMAE&v=APEucNU7uF8SYVXYN8_2W9Jd3qUwl56_KY6TRbfsahbWuS36qJ3ITPgyP9RshP9asZ7kbFQ7_PPw1lE4Sz7AxcVp8JM6QLUc-loBTdwkJZ3m4b5hiqKbca2pfGb59nlidrlsTtr_rIlZt0wRP9uYhpTtXLgr2YQwzvo0pqsav8omVpjuEZHT7U7G2ApXaouqCkF_qZ13Up-B3k875tCFrjnsp9gcwyPkbA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BBD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
11056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BBD 		295 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
10369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:53:05 GMT
truncated
/ Frame 510E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38ffe5a3c342bb6703ad8d1d60acd40695550e20fdfd0744f30fad9b9f29ec57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame B440 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PnYBag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
node.php
node.setupad.com/node/ Frame 42C6 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 42C6 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223845d90e8f3574780fe5d0e4f8f09b3aba1d0a380bfbdfb3395557f46a8be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10556
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 3A57 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bJZO0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 5409 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
Origin
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 14:28:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 5409 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVnUoSZAa8ND4nZKeGg1aD18m2-ExTwC9_-BFrWMX1eRGG0AdRnaZ5HHJmzHJD4t4bHncI6kJ_WrFou8AKY_lcBmh01FfH2r2OXSZyuRzezeQOdkpF6nOHuVmSTn8MibI2IDrmZ8P82_7Exl4peUAW8GhPtw&dbm_d=AKAmf-CILTamJZtxIaT-2lXAVhAiAu23YysHAcdNded_QnwzOpRbeKclmbGbmTKwT-qT0dsYEf6GROHW5DwbukTgQOywI3RUHoxKO2ATScVL_i5iHU9yQFRW08_CUnT_oJonRWbUPGpYa1EP22vyxPSsHhproOYU-crkbirv7HUXPpQ5j6pA3pogKKuncrN8sEZ8v1BODy8-sfn_chd3Q-HV8p5JLyzT7A_Fyw7xHG0esRQkHACZKQCnSwLGE5J61gnAIb8ZTIqiwUhYSBAJxRxsa9LplFchqMw4UjCGP3d3IYP8wNbEUE4XkbM_9EQbS93r70iCmdG4Nnpx4ZN1fmcGuj2hmnldsdYrpHDg46M6h80ZgbQi4ReBja_pk1BTGl7w2yAC-iulyM8cnGVgyH77UESV1-GNzAzQXoTGI5lVMHD0BYDOib_o9_0Vq6kMT6WvdUc6cFgTHGcZaQz1qH243Fs2KMnNYSXPmsiWfC8GXjYlAmaQngJtnrElYdLB8j5yF41qOqA679cHTSijrh4Yun3rDP2VVerxay4AM-uMXryKq4yYUUxLQNEtRnr6L7rg-hJkSAc_c4bfHzOK4B13ceViSVr7Nu5ccmP6fhJttXzSIpxExOy9t5G3mrSKd4S4c7a4ec87fut17wYcEi3ztLt2rb9aaycQSPCqS7dKrsTf07hZSkkSuI4QLluPyCtIWT8MAGMiyZ3BM1G2kw0T3g1E4_Wfqaau84u47Goifg52jdxe_pmTbbLYbLzeLMR3chwrt09ZUz1lXEDgN_MBvgKr4VuytYegqiuUg7AzchJGtCOTBZp92l4Icf1lLZtxZvjtXWfGytgzrHsjvbLXM2xPUf4spiyGjdKpIMHZ8w0Tdvu69YmlKwhraVDASsGIdhMVE08GMWe167oSvGG6d_g7C01wb6ugkkEg_Cox78Dxlwiy7qfem0obuG14hHPHGNILYqE-bEP7mmqhswJJppxe9wKR8o1WO1jJAY0uffRwa5GZqo3E1cn9Q7Qp1r9i5FfGURbaho2cRJ1LKF5NET3WPOfuyf4pVLru-2wzFnnU3xxJu4NYW1I3rwjobIHBJiRRQtZxDwapmi2fE-1e-WPFuGyyvkAe_CspgZgGTJse9ar9d3HVrEk3oFBUXXaG8-dLLA4QAS7WHR85QSCf_X9YPwsWrGHEeYoXpXKbg2nEOsEA3UhSk5mXFsWwtTqJCjULvjr6l1lqDpeuZwYF1wwwOg60rEQ2C8E46YZMzHARqieW5Ey25WErXguRFzLYR2Gxl7OgDDxwSUD2NTQ7OH5kgUfYpc59faRiGlY6ciYpECyB8ENE-S7P9ajEhkHU4IpV_ILw56zVgaIYJY-qo-FmhbRKgzLUhiauipq62n8uLsGYaQkHrFLtK9JBHnPEYe4t7WY8aYbgsprWmqngKy3g4kli-eynaKZWq5uCNt7MiOS64NlZ-o_5X53epb4xzgTb2onVqSr25RW6zMx14ndJPx8K8ixWJcVvy1IPdlfQTNbqeCDyTifZ3w1BcpMiWU0BFaxBGEAnPNXuzghq5PstnmVj0OvvO4_KH9IbX3YYXd7kAdWldzsypeGN6VJtSn4eTkARhwZWN3u_5jy4Rctb6C-0lj3nuJbLmz2C98kpmdLeivZWP8HhRSatBrBHEeEbxTfK8P0SasHHBkuBRx_qtWyVQfoq3J2CKzit5wv8Et29yVWsWSo4wpcgFMH1IR3j-3MaSwA2seG63gJmy1fX6pstt0QcEa71dW5yL5NRjhaJKj5nnu_74vjJGECqzxVAMUuQr8-62duRjOEU8ooGfKKCJwedeKgNzu0bXFILEYoMHJ9n7CVM9d_AoMDmdmw9HDjQIhjQUgDwCk_OOCXkT8FCV3IPuNrp6l5OftEJ_2inrCptUIeqxoGqtqRGIt6EB50wOK6J5ehV4wyZwAwcYsnkcaILQUxK2YhnfVYjp1VurR4Ei5KBh4_76JZwuugUcrPlcGn8npgcjKWYi708mtsi9PtgWbymyuEfpp-Uq69xTmRm7ouJpZhuAxUgZ5aX2lNnR378zKrGUmXHvx0TbIVQbQP5rGyG8KQ3kigkQQcXCOrt9jFPlRy844qs5kleI1j-alVe3JIxt9p3KybjzlAxhN0KZG-VLY59dJG3teqPJ2BuWr5w7EYoCZdW5sjAUgjaGaDtUmF1Z13cH0i85X7TVe-4VHlJUOM8V_GljZVX85L-4EfKsDgjcyACBykok1dL5Tv_c-sELQFGIdpDKxJd8YUwe2G1M_UFWANROKTSWe1ccLP8nyOhUkTlu4yoo4XoBl6pwDyIR3pPwgVKIqnBu1NwrVzg3LZ504l9-p1GxBz4ukmoFGCtyqxBzPFfogu9b5wAW3tswmR1SsgZ16AKiGgYC1XwXRGtFYSBw1Fx9eQ1iyz9hhudxVckGZslXzvD0K148ep_L9zzT-vmRMvD0E2okmxM7lz4g8By0mh9bc15AxGbqWSUzH5VOYOWTeT_R3B1dMAqGOkOBeai-ueBmaWiWyGNh3izIloaXF1yOAtH_xiZa_LNUMMa-Blu9CStU-lsLfmD_QBpzkCAmyCMpdExVHdfjn4910iPf5qOs7y95tBskmOdBoqTvg0M2qekGrgWJ7VxldZVNW9Dv6j8sdcu-E13xTFVaVx7ZTurP-yzpQQK9d5CmGAL14pBJd8QrPHLQH98iQDDR14jsJpXlV8UZ3IMZPMmSRjO5afYS2smNDpoktKAgTdmdu_JLsPDWZlYpRBuESC68MMv964hUqxmEx6LB-fhvnDf6V7J8vw988VMN6w8KjUCPtkk5t_A5ETOU3tMRTMFi2EnOOeRrzl_a4jVzGOxMlkt4c2RHz35fCPi52TcJ_cdfBnzG_vRSCswPmEQPU4PL_ExH2sxkh_viDCXv200B_C8WyHPtlkt3qPCfJ5y5tq9h7e41_qgtj1H7ARudlYTdoEai6epgkabccG-GXTR7BW37f88ukg9X7OxTDHaVLV1Eco4Z8BG04Qpuwkh2UCE2_W2PhC7J4kXfJLoA34CxmZj3LdI92sQgI33hiUFiEtrIngG--vRAiYb0uyRDW69u8nXvC_sFvo4uDJT14NHv12JegMf9xlOFPHCIiASa3zG_3IdzkzV28jfayXuFO0HwSiZOcuMvUD4iUgzbuRjpTeqEvN5Zmw&cid=CAASJeRo0TzhZD3mdbhp-Ue33HOE2r0UuOmB6UeOG4LQ-iEYDlPVfm0&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:39:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 5409 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVnUoSZAa8ND4nZKeGg1aD18m2-ExTwC9_-BFrWMX1eRGG0AdRnaZ5HHJmzHJD4t4bHncI6kJ_WrFou8AKY_lcBmh01FfH2r2OXSZyuRzezeQOdkpF6nOHuVmSTn8MibI2IDrmZ8P82_7Exl4peUAW8GhPtw&dbm_d=AKAmf-CILTamJZtxIaT-2lXAVhAiAu23YysHAcdNded_QnwzOpRbeKclmbGbmTKwT-qT0dsYEf6GROHW5DwbukTgQOywI3RUHoxKO2ATScVL_i5iHU9yQFRW08_CUnT_oJonRWbUPGpYa1EP22vyxPSsHhproOYU-crkbirv7HUXPpQ5j6pA3pogKKuncrN8sEZ8v1BODy8-sfn_chd3Q-HV8p5JLyzT7A_Fyw7xHG0esRQkHACZKQCnSwLGE5J61gnAIb8ZTIqiwUhYSBAJxRxsa9LplFchqMw4UjCGP3d3IYP8wNbEUE4XkbM_9EQbS93r70iCmdG4Nnpx4ZN1fmcGuj2hmnldsdYrpHDg46M6h80ZgbQi4ReBja_pk1BTGl7w2yAC-iulyM8cnGVgyH77UESV1-GNzAzQXoTGI5lVMHD0BYDOib_o9_0Vq6kMT6WvdUc6cFgTHGcZaQz1qH243Fs2KMnNYSXPmsiWfC8GXjYlAmaQngJtnrElYdLB8j5yF41qOqA679cHTSijrh4Yun3rDP2VVerxay4AM-uMXryKq4yYUUxLQNEtRnr6L7rg-hJkSAc_c4bfHzOK4B13ceViSVr7Nu5ccmP6fhJttXzSIpxExOy9t5G3mrSKd4S4c7a4ec87fut17wYcEi3ztLt2rb9aaycQSPCqS7dKrsTf07hZSkkSuI4QLluPyCtIWT8MAGMiyZ3BM1G2kw0T3g1E4_Wfqaau84u47Goifg52jdxe_pmTbbLYbLzeLMR3chwrt09ZUz1lXEDgN_MBvgKr4VuytYegqiuUg7AzchJGtCOTBZp92l4Icf1lLZtxZvjtXWfGytgzrHsjvbLXM2xPUf4spiyGjdKpIMHZ8w0Tdvu69YmlKwhraVDASsGIdhMVE08GMWe167oSvGG6d_g7C01wb6ugkkEg_Cox78Dxlwiy7qfem0obuG14hHPHGNILYqE-bEP7mmqhswJJppxe9wKR8o1WO1jJAY0uffRwa5GZqo3E1cn9Q7Qp1r9i5FfGURbaho2cRJ1LKF5NET3WPOfuyf4pVLru-2wzFnnU3xxJu4NYW1I3rwjobIHBJiRRQtZxDwapmi2fE-1e-WPFuGyyvkAe_CspgZgGTJse9ar9d3HVrEk3oFBUXXaG8-dLLA4QAS7WHR85QSCf_X9YPwsWrGHEeYoXpXKbg2nEOsEA3UhSk5mXFsWwtTqJCjULvjr6l1lqDpeuZwYF1wwwOg60rEQ2C8E46YZMzHARqieW5Ey25WErXguRFzLYR2Gxl7OgDDxwSUD2NTQ7OH5kgUfYpc59faRiGlY6ciYpECyB8ENE-S7P9ajEhkHU4IpV_ILw56zVgaIYJY-qo-FmhbRKgzLUhiauipq62n8uLsGYaQkHrFLtK9JBHnPEYe4t7WY8aYbgsprWmqngKy3g4kli-eynaKZWq5uCNt7MiOS64NlZ-o_5X53epb4xzgTb2onVqSr25RW6zMx14ndJPx8K8ixWJcVvy1IPdlfQTNbqeCDyTifZ3w1BcpMiWU0BFaxBGEAnPNXuzghq5PstnmVj0OvvO4_KH9IbX3YYXd7kAdWldzsypeGN6VJtSn4eTkARhwZWN3u_5jy4Rctb6C-0lj3nuJbLmz2C98kpmdLeivZWP8HhRSatBrBHEeEbxTfK8P0SasHHBkuBRx_qtWyVQfoq3J2CKzit5wv8Et29yVWsWSo4wpcgFMH1IR3j-3MaSwA2seG63gJmy1fX6pstt0QcEa71dW5yL5NRjhaJKj5nnu_74vjJGECqzxVAMUuQr8-62duRjOEU8ooGfKKCJwedeKgNzu0bXFILEYoMHJ9n7CVM9d_AoMDmdmw9HDjQIhjQUgDwCk_OOCXkT8FCV3IPuNrp6l5OftEJ_2inrCptUIeqxoGqtqRGIt6EB50wOK6J5ehV4wyZwAwcYsnkcaILQUxK2YhnfVYjp1VurR4Ei5KBh4_76JZwuugUcrPlcGn8npgcjKWYi708mtsi9PtgWbymyuEfpp-Uq69xTmRm7ouJpZhuAxUgZ5aX2lNnR378zKrGUmXHvx0TbIVQbQP5rGyG8KQ3kigkQQcXCOrt9jFPlRy844qs5kleI1j-alVe3JIxt9p3KybjzlAxhN0KZG-VLY59dJG3teqPJ2BuWr5w7EYoCZdW5sjAUgjaGaDtUmF1Z13cH0i85X7TVe-4VHlJUOM8V_GljZVX85L-4EfKsDgjcyACBykok1dL5Tv_c-sELQFGIdpDKxJd8YUwe2G1M_UFWANROKTSWe1ccLP8nyOhUkTlu4yoo4XoBl6pwDyIR3pPwgVKIqnBu1NwrVzg3LZ504l9-p1GxBz4ukmoFGCtyqxBzPFfogu9b5wAW3tswmR1SsgZ16AKiGgYC1XwXRGtFYSBw1Fx9eQ1iyz9hhudxVckGZslXzvD0K148ep_L9zzT-vmRMvD0E2okmxM7lz4g8By0mh9bc15AxGbqWSUzH5VOYOWTeT_R3B1dMAqGOkOBeai-ueBmaWiWyGNh3izIloaXF1yOAtH_xiZa_LNUMMa-Blu9CStU-lsLfmD_QBpzkCAmyCMpdExVHdfjn4910iPf5qOs7y95tBskmOdBoqTvg0M2qekGrgWJ7VxldZVNW9Dv6j8sdcu-E13xTFVaVx7ZTurP-yzpQQK9d5CmGAL14pBJd8QrPHLQH98iQDDR14jsJpXlV8UZ3IMZPMmSRjO5afYS2smNDpoktKAgTdmdu_JLsPDWZlYpRBuESC68MMv964hUqxmEx6LB-fhvnDf6V7J8vw988VMN6w8KjUCPtkk5t_A5ETOU3tMRTMFi2EnOOeRrzl_a4jVzGOxMlkt4c2RHz35fCPi52TcJ_cdfBnzG_vRSCswPmEQPU4PL_ExH2sxkh_viDCXv200B_C8WyHPtlkt3qPCfJ5y5tq9h7e41_qgtj1H7ARudlYTdoEai6epgkabccG-GXTR7BW37f88ukg9X7OxTDHaVLV1Eco4Z8BG04Qpuwkh2UCE2_W2PhC7J4kXfJLoA34CxmZj3LdI92sQgI33hiUFiEtrIngG--vRAiYb0uyRDW69u8nXvC_sFvo4uDJT14NHv12JegMf9xlOFPHCIiASa3zG_3IdzkzV28jfayXuFO0HwSiZOcuMvUD4iUgzbuRjpTeqEvN5Zmw&cid=CAASJeRo0TzhZD3mdbhp-Ue33HOE2r0UuOmB6UeOG4LQ-iEYDlPVfm0&rfl=3%2Chttps%253A%252F%252Fanhdep24.com%242%2C%2Chttps%253A%252F%252Fanhdep24.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:45:21 GMT
node.php
node.setupad.com/node/ Frame A103 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
createjs.min.js
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/libs/1.0.0/ Frame D957 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64184
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
728x90.js
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/ Frame D957 		55 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dcc57b9e2989fedc019c5266201978701de042cbbb527753168f1bb1d824f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8374
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 857D 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 11:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 11:51:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D459 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
191844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 42C6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Mar 2022 12:45:54 GMT
pixel
cm.g.doubleclick.net/ Frame E746
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGaB1IQzDVXgdMiivRK-gwI&google_cver=1&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpWtGYcSGHkqCx0XEA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=064D7305A3914CA283E387B9F6083E8B&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=064D7305A3914CA283E387B9F6083E8B&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpWtGYcSGHkqCx0XEA
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=064D7305A3914CA283E387B9F6083E8B&google_push=AYg5qPIpTtcDcoIwMtNWLYFa3sMzegQsj2HXfDHjuIk5yN3Tm72UkTccQsfj9GFn9_Z0SMMlAhWBIMqYFVJgGpWtGYcSGHkqCx0XEA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 18 Mar 2022 12:45:54 GMT
pixel
cm.g.doubleclick.net/ Frame E746
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOwI5RCfUz7vOasPm6IfMUE&google_cver=1&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8M...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8Mnoo0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8Mnoo0ElcI_IKGl7Uw
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPID4LdWmdCpkkUh1Md7BGmhpRYQ228wIRScDqlxUywwkBM18dOcAddtwpr24pQ0BPVRf51F1xJeyCEw8Mnoo0ElcI_IKGl7Uw
Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
gg_pixel
sync.adaptv.advertising.com/ Frame E746 		0
0
pixel
cm.g.doubleclick.net/ Frame E746
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEITFfddgM_1bVvfWIXIw6OQ&google_cver=1&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEITFfddgM_1bVvfWIXIw6OQ&google_cver=1&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1OTgyMjgzNDUyNzE4MjY1NA&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1OTgyMjgzNDUyNzE4MjY1NA&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrYDCWIBjAcv89iLX1I_5krHQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1OTgyMjgzNDUyNzE4MjY1NA&google_push=AYg5qPJMsdTQqIKC6FjN26lhqfaEaZRBla4oTMTM4Yn8GYERujxmAfOHU2SXEOwC24F1nsNSWIX--qrYDCWIBjAcv89iLX1I_5krHQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame E746 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM_0RlUpUpYzLxGvuK86uQY&google_cver=1&google_push=AYg5qPJGmKJRLBZbUdR2VNC0J8kKb-Vtd6VniQQ2rQkawEdvaA7QhZ7UKCGUEPhoPpnmm4DfdOd9uKjDjugbOsRYReymY10Y2KJ9kw
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
content-length
0
/
cc.adingo.jp/adx/push/ Frame E746 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEK2LAEpZ92B7hiIP_wpD-0A&google_cver=1&google_push=AYg5qPL9L1VGRHxPeDYTqeydJiBmoiv5O_Xv854PhdEgzKnPbbUUu8ogt7bJVzvxkF4TVmY9QwVeLHkoRp1Ixh3aykOdnSkX0Z3E5g
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.193.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-193-236.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
server
awselb/2.0
/
onetag-sys.com/sync/i,19/ Frame E746
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELpe4yU2FhkyLuX3oD1a8RU&google_cver=1&google_push=AYg5qPKpwn-D29Qk7IG_PlNJTrRJHW1jI7lo6aUziG-qdFnewhrQRMEIldw71-SEoM4ezV_hTHCEAbos0Ju...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKpwn-D29Qk7IG_PlNJTrRJHW1jI7lo6aUziG-qdFnewhrQRMEIldw71-SEoM4ezV_hTHCEAbos0JuNXO0DXUCTmKHprXCz4OI
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E746 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBv-AhH5AIVFeDLzxyZhNlSABmKbxVZAAGBDxcJ3QO7B8NXpkAUbTCbueDf1qLzspVfbTC0A
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
728x90.html
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/ Frame 3DAA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447eaf30388fb18d4a05585be04b8cd938c69dfa24fafbffb8ba46b323b96d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2320
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 17:28:07 GMT
expires
Sat, 18 Mar 2023 17:28:07 GMT
cache-control
public, max-age=31536000
age
69467
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5409 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8-XKswXzzu12Y95qGHSk8-FYLer3YTAmBvn-WJoCTRXsf1sewzweXpXXcjsYYBj_oXmupf4Gj9xWtaSGTHzckWZDNyuwp0aubxci_htZbkOXLDO_QDvNEbEL9nBfK_lXo_oC_lRlu-xBx8k-NYWrZTTkpHXk4kiZb4DiZkQvDuD-kZJEQ5u-ZBPlC6OXUR2AFWL1ollH_HAI29jduTqw3JQIbOOuzvdQrQA08ILfDK-NXHi-MHGjHZTkerpLuHwZOHtDPA644QeSpJh_3KsiMXNbEKQ8dlKYU20Z3KcyzdPgxE_V1cmCLCTIiJJKRL9Hj7c2PTvDeKlnu4S1qtNY3R8ZpHlo0vQxZfcgrX1-7-XkUdYR5792DPB8RfVB_AUPI9-HjReDxwTjnJlWZ2e2emI7TdSE6tMhm0-hxuuAAuU_w7Ap1mRW8whiVfdOvqsCv3l8s1ESOHJsbJr_J0GS8z7-XUuArrErUN-aRGFIHQdYT2D6qVoWap_o_3G-eopg-OvKIn0R5U7pSHgGg4bAFkMq9PPlwsvOuLB1LAyiPSH_p9fkzfBF4XjX-S5Y-Qt_4S-quA8ip7oMKbXJqrpi6S0yMKt6N8IwMK0Mq4NV8GLhawXtluQcPtZ91SgkN_eo-M3W2dT5cFUdmnUUC-7G4z4nFRQ0DPbvRumSnXIJHt-U_SeALiQgJlV-Ko3ep-Wym9Mvb2VaLpCTXAPcRIjwOBWS6w5lBwIEDyUtiSDppmbxfQsO3sN5A8WnfziwBZRuGJOmw--W_GfVWvIvRRT0ZbrxqJRHaLecej7V6anB30eGap4SRhFfy_2v8iC6ltKYEWdxm3BjSUC20oCIu8qVD5RPxPLOtynlgndc7U1CgNTZzukrRXLb3atq2MZRmtWCy-xyiQ0wWABQ8TW1E2zIIxOkFWd8m1cvQ-l-IUNwr3dVcjtqtWToXQFgrO2jnFh7TF7otouD16oajIrCnkoejeAxWk5iwdaKwdPyVozfilGyr3dKjenEcN50jSc9McStEk09X04fs_IrJmdNpAnLi-ki3YU2rtjyA1wDWIK8DvBsoWNcksRK5JxI2RuCk6E-g1uPeiEublD4wp471-4ZjA0lVpD68zuzCn4wpOW0w8_Ff8t-iGsIEygH91TGIBgCzyC6cv8Y7Hyt3HEerT4zcBAZgDNG8MijAbbW3iLUwruUeRUdeOGxQQhzEgruI6Y5MmbcSYAS8cB_yua7Zd5zgokIP8FJqjg&sai=AMfl-YQNvOcSn1eJIeYQDttk_uwsPdaiMN-3bixPNKBceGmRXp_w4ZdpjcE5xR-mFrGyAiTrvxfDCadEcktTGibQMvdTXg1zCZCQyIgfvrp_beWil_9Zlxu9y6s9Bkg_cxUwaQi-ntYLx4Vvtw6CNBbpzUq-tYEjlN8i0Mn27WEld3w51GtnaZ57MZ8ojbm0jkCWTiRzhUew6Gc5EzS8tLDtd6km&sig=Cg0ArKJSzFPUte5lhWdREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=146&cisv=r20220316.56473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 19 Mar 2022 12:45:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5409 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3114 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Fri, 18 Mar 2022 13:26:12 GMT
expires
Sat, 19 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
83982
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
728x90_atlas_1.png
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/images/ Frame D957 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/images/728x90_atlas_1.png
Requested by
Host: 76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
URL: https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b4ae7d99a6cd52aa125f125a85a2d9ddd5316fff738099e01555c78de033c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117416
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 510E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu78DQBk5CnNetz44J1lsr375YXq1IHP--EhpYvKu0ngAhZciucnvPHILpHWzVh5CeAW_5CA8crIFJ6CGJQP8LrRPBdwLVnosYwYnOBwqA9bMTf3XzYudizPoufxSfv1GDMPaDXreKsSGy-ToD51M_YA_ZMlSriJ3QJ4sAWLf9I9m0k3k8N952p5hz1EREMXBDSAGcRFYfGPRFwwBvL2d2W-8TVxGesqlICHugFpXlEY3CHidPIO3ebSR1qEJZ9kSRESnRK7m_bSo9-sHvvOlzdCNg0EfqVedOI7QkgP9Y7c-8zw20VAiNY6s6TlldLNhMmxGUSTegpMaElDwwDxW5n3Sv6zW_4fRc8mtxFCWGXPj5ZObIUvgNl07-HNozopEMw7PekP6DGEilMhdZfAIZeOmQx1h4H4-M1K6k_WJ5MjrhytftI7n_ZnHxabnH4JFYLUdIxKZRe8yjC8W91hduqDQ9gHoUlELylOUSKRVfK224zyDu2h4zh7FS7iIU4S94Sc0budpRwaLZCEkKI3kbqEWSkYVMCBcxyZ7DxBOGPA_S8AQW5-c3g1KIwlSlX-1JeTkVXp4A2Zo7UjFOcXanjvTGJAReV6uhQqMesWQWXilWDc4K1YRdRc6pmHxoWvXQHDPbdfYQ-DDCdAwPlNVAzruOsfMwCExTWbO7APHa8R2CQBGSDnxXI54D7EFBJ1bhOOT0U8SbmPQonNCrYlMg19YUuojZRBdo0eUYgHhgHfui8427N96kmEBnt6YYjv6ce8s0wZlWW9kjQphQuj41y4PIDvwaUK_GhdTnqz--4WweB4ArAn1XMf06XrUV8E--D-0DzhrpXpaJbHDjplYMabK6wNEqILAirebhntlEAPp-wF9y0-dOuo8ZBVVU3EehmOuhgPs7jO7Tsb9gnf4hxUKnw7-_Ex9HI8WKOpCkvWffgIN8eR-o0fl8_MZavbLGlQR7SnWR1NjkgjbDnlznNtXRPD--yzvD2jldVUc1VxoQ2RY0S0PqMKaTBDwEKKfP9ZkZwTRNJXO8b-4xIkw2NbPA8FkhZWFdPJwPeAmCESvPq9j9gd5bXq5E3q3BTsxIdm-765RNmLGUyIre_j4Q0r2wQO1TryBfmDgUv3ffMfpWjm0SkI1pXk92jWBIbLIqmOJ73PC85FsNxyyI8W1ZPEcr_ZKQ3bVdFf9oufw-b8Qd4uapzkkNZTn7jiKwt8cLuvsYyM2HQD14lMUOLnCQ4L5Hezk8Frg&sai=AMfl-YQjsI3sPliXedFTbz1O4VbMrmoRzD-tMiSiRQ9VhHIatq8TQGlG03EDsYjCZSbbNY8UEgDm6eZmPeh2DubahjVZvT6K6ACGH28z0yni94rUuu-dYpUsnMsdRg6F86vKNAJJCI9l7IZ09xIaRLT1ll3l36hEJ8Y6FFRJfftsh6KxakNd5DICFQy5eZf-QeX3EBgLxcvB6v5T8y-Pvm5WymAx&sig=Cg0ArKJSzD6P-lp0ProXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=346&dett=3&cstd=242&cisv=r20220316.86784&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 5409 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1cae4a374b267dbda8d678a61a4b33ee7d6a3f55d35c555d0aaaee6143096e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
createjs.min.js
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/libs/1.0.0/ Frame 3DAA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64184
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
728x90.js
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/ Frame 3DAA 		55 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dcc57b9e2989fedc019c5266201978701de042cbbb527753168f1bb1d824f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8374
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB5F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Mar 2022 12:45:12 GMT
expires
Sun, 19 Mar 2023 12:45:12 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2C67 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d852949861b493334653398c1c507115a32bbaea21607c2c4486fcb8764cd66a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wfsu604ptV/M2NbW1Wh4NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Mar 2022 12:45:54 GMT
date
Sat, 19 Mar 2022 12:45:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wfsu604ptV/M2NbW1Wh4NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
node.php
node.setupad.com/node/ Frame 32CB 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame D459 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 11:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 11:51:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 513F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
191844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWZTY1loeXMxTnZ5c1c1&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWZTY1loeXMxTnZ5c1c1&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF82RkacfIR04EdOBUu4HJB2xeMqO1IRCLonq4q-Qz2ULh4xGH8jq5w
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:53 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWZTY1loeXMxTnZ5c1c1&google_gid=CAESEBLEh22JAPjp7N4nxr1ryfM&google_cver=1&google_push=AYg5qPLot2pTriTYI_zkD_ESegAlzrQ0P41rsNm5e2aLDF82RkacfIR04EdOBUu4HJB2xeMqO1IRCLonq4q-Qz2ULh4xGH8jq5w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_zoOvZIML1xVYAPYEiO5A&google_cver=1&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK7neS4b8tso1Z
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK7neS4b8tso1Z
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
MT3 4256 109297d master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIQgDdt__cOo5HbGtBHdfJywcvbs2ABrFScSi3qbNrIH4tz9mX8208Usyi46KCYjS7Atd71op7HrtsRo8HK7neS4b8tso1Z
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Mar 2022 12:45:53 GMT
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOwI5RCfUz7vOasPm6IfMUE&google_cver=1&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ct...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ctl6ev...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ctl6evQX01Do6MU
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3Njc5MTY0NjI1MzE1MjQwMw%3D%3D&google_push=AYg5qPKLYKaTVNd8yda0_F8Vrstfg2qjrkDjkQQVdpQHZ-8gHbmeIrX4q_ZsYGblmNUh6F6cWnPXOSlEJKO5Ctl6evQX01Do6MU
Date
Sat, 19 Mar 2022 12:45:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESED3K17wXjNX0q7EXy1H07co&google_cver=1&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESED3K17wXjNX0q7EXy1H07co&google_cver=1&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&google_hm=hhS3tiBQ4N4AAikABlF_ojZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&google_hm=hhS3tiBQ4N4AAikABlF_ojZ9zQ%3D%3D
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIM9pik3qlnEXcgXOqeGn6n04tXZiUlBp3flEi1tS5ywgYTc3Bt4_x8f-Dcq39bMFEKSCNPM9FwSKYi-6Q3UGviOxO9OnhY&google_hm=hhS3tiBQ4N4AAikABlF_ojZ9zQ%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENvwUHY6DkhUVu7bXmzsqC4&google_cver=1&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYE...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYEqFbI&google_hm=NDEwMTg5NTQzMTg4NTQzNTY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYEqFbI&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Mar 2022 12:45:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJHNLQ9IFX324raznMa24Snb4J4Wwvu9y0xwNZoR2Sdic8ilBZj9h7TKQk1eUlA-SqrFxcI1ZfcTKcpIjGfpqUvpYEqFbI&google_hm=NDEwMTg5NTQzMTg4NTQzNTYxNA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 3114
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMtiI5lG7xeng-jRZ5ZMdQQ&google_cver=1&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NDAzN2E0ZC1hNzgyLTExZWMtYTY3Yi0wMmRkM2NkNDE0YWU%3D&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NDAzN2E0ZC1hNzgyLTExZWMtYTY3Yi0wMmRkM2NkNDE0YWU%3D&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4NDAzN2E0ZC1hNzgyLTExZWMtYTY3Yi0wMmRkM2NkNDE0YWU%3D&google_push=AYg5qPJkkXNb-1Qz_tttJOCKxDdipVN8msqzoOQ4Okbfn2gQgfJcQ3G8PyLnkEpXcfGJxD8SfiCI2khmzFi8388iH-4vL8o7zinkPw
date
Sat, 19 Mar 2022 12:45:54 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 3114 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4dDAOanlfVp1zcGQVjnDtF38rfrHblw5ItibBCACYvle-9FiG_DGrRECBGzxLYFs
Requested by
Host: d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
URL: https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 0055 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DnjNTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
728x90_atlas_1.png
s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/images/ Frame 3DAA 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/images/728x90_atlas_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/libs/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b4ae7d99a6cd52aa125f125a85a2d9ddd5316fff738099e01555c78de033c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7973448254094797164/EUVan_Branded_BookNow_HTML5_728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:28:07 GMT
x-content-type-options
nosniff
age
69467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117416
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 14:59:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Mar 2023 17:28:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5409 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8-XKswXzzu12Y95qGHSk8-FYLer3YTAmBvn-WJoCTRXsf1sewzweXpXXcjsYYBj_oXmupf4Gj9xWtaSGTHzckWZDNyuwp0aubxci_htZbkOXLDO_QDvNEbEL9nBfK_lXo_oC_lRlu-xBx8k-NYWrZTTkpHXk4kiZb4DiZkQvDuD-kZJEQ5u-ZBPlC6OXUR2AFWL1ollH_HAI29jduTqw3JQIbOOuzvdQrQA08ILfDK-NXHi-MHGjHZTkerpLuHwZOHtDPA644QeSpJh_3KsiMXNbEKQ8dlKYU20Z3KcyzdPgxE_V1cmCLCTIiJJKRL9Hj7c2PTvDeKlnu4S1qtNY3R8ZpHlo0vQxZfcgrX1-7-XkUdYR5792DPB8RfVB_AUPI9-HjReDxwTjnJlWZ2e2emI7TdSE6tMhm0-hxuuAAuU_w7Ap1mRW8whiVfdOvqsCv3l8s1ESOHJsbJr_J0GS8z7-XUuArrErUN-aRGFIHQdYT2D6qVoWap_o_3G-eopg-OvKIn0R5U7pSHgGg4bAFkMq9PPlwsvOuLB1LAyiPSH_p9fkzfBF4XjX-S5Y-Qt_4S-quA8ip7oMKbXJqrpi6S0yMKt6N8IwMK0Mq4NV8GLhawXtluQcPtZ91SgkN_eo-M3W2dT5cFUdmnUUC-7G4z4nFRQ0DPbvRumSnXIJHt-U_SeALiQgJlV-Ko3ep-Wym9Mvb2VaLpCTXAPcRIjwOBWS6w5lBwIEDyUtiSDppmbxfQsO3sN5A8WnfziwBZRuGJOmw--W_GfVWvIvRRT0ZbrxqJRHaLecej7V6anB30eGap4SRhFfy_2v8iC6ltKYEWdxm3BjSUC20oCIu8qVD5RPxPLOtynlgndc7U1CgNTZzukrRXLb3atq2MZRmtWCy-xyiQ0wWABQ8TW1E2zIIxOkFWd8m1cvQ-l-IUNwr3dVcjtqtWToXQFgrO2jnFh7TF7otouD16oajIrCnkoejeAxWk5iwdaKwdPyVozfilGyr3dKjenEcN50jSc9McStEk09X04fs_IrJmdNpAnLi-ki3YU2rtjyA1wDWIK8DvBsoWNcksRK5JxI2RuCk6E-g1uPeiEublD4wp471-4ZjA0lVpD68zuzCn4wpOW0w8_Ff8t-iGsIEygH91TGIBgCzyC6cv8Y7Hyt3HEerT4zcBAZgDNG8MijAbbW3iLUwruUeRUdeOGxQQhzEgruI6Y5MmbcSYAS8cB_yua7Zd5zgokIP8FJqjg&sai=AMfl-YQNvOcSn1eJIeYQDttk_uwsPdaiMN-3bixPNKBceGmRXp_w4ZdpjcE5xR-mFrGyAiTrvxfDCadEcktTGibQMvdTXg1zCZCQyIgfvrp_beWil_9Zlxu9y6s9Bkg_cxUwaQi-ntYLx4Vvtw6CNBbpzUq-tYEjlN8i0Mn27WEld3w51GtnaZ57MZ8ojbm0jkCWTiRzhUew6Gc5EzS8tLDtd6km&sig=Cg0ArKJSzFPUte5lhWdREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&vt=11&dtpt=233&dett=3&cstd=146&cisv=r20220316.56473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://anhdep24.com/&ved=2ahUKEwihv5-mtIr2AhVfxzgGHdFqByIQFnoECAIQAQ&usg=AOvVaw2yuQNotRdTrslaDrqhKydp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=4027972681861695&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
node.php
node.setupad.com/node/ Frame D6DC 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: anhdep24.com
URL: https://anhdep24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anhdep24.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32CB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=2914790805362464&bg=!DA-lD0vNAAba2mK92to7ACkAdvg8Wodbx0Zf6SouC_80ovu0wA9x2nXQOjBv4tXIz6gUd5xYPabWjwIAAAG5UgAAAAFoAQeZAwrZhmX6lZDVnGaS1hBUeEsIgSAzolJQ0Gu51DhCtG9mWdQnSGudy7FyOgotrbtpp13f8F6EXBjCbpsqiHKNkbAk5z6MTeslJZL7qy0ZjWPyGx2nRzTOofrztd5CRGX39lmMV-1rVvBmAJ6b-KpYDsJK_Z5JHG_ta1iSaisjFJfhFHFY_H1bqh1NRLX_Q7PUb8-u0E9Z2a4peDfwVST6gFqLBlP-W4EiLo-XM0MZj8QLKHG2rkv27X0LHLGjeWjZyJiaxJ8ikenoQ9p1Q0xnvE_v1I42FeOA0o3m1LH6wQS1uguJUjhmqiUlARgd6TYb5d9awxHRr0VZ1rXUknV2BSKvkQ1D3bN6K_zMhxFwToZiOat2QdOr9zmZCB3QDhsjMsfXe712_ujlY3W27r4g2O7yOYmlSOmPJ82zBsfl89rUuF1sGQRo3Lx2wG24O7sSlnCyNZyeSXm6rgcpIfVkOtjy7kBGEmSF0mCTXXWQ9d4Q34-RAM0taeBnJYjtsLIJdj5OWrqKvrG9vfXLYfHnhs0zfU6bWMmxF51dDlqihZotgHy38WV79_JciZA6eKEwag1K7LARDQZsha9lZ7EV5YDMPbGk-z8sP4buJt9stsr-ULTeSgKbUpV6DgYLPBisiVNC1j8chhiKPnDW-fdEUMoQDY4HsJIAqCR3qvbBdyKNhuHkpnTVDze2dHHRY_KSIQp0Xo3bso5kQvFBmNvVQdsTMj9kuRxoLAT3YXg3Hw7nXg4BzT6Y1BHrvgObUtjnxD16qnHW61yHW1RiUxKWXZ1LHuPUvdw0qdDttBXpGuM3r57XwwYgW32YLzFXiGbt9FU1kto_MzJ6zH1j9ZpPBxJTG6OkYgHjq4he-Tp_XdITRpdnO3d0cSp2Jy_aKe8z__uJbX022ynFmhtRUizwCB8lpGpUzaFhsmfvomhyzA8Fil43QpuaJUb_V2XKVyi5ax_9M4yPk53myEHbqv4_9coS3lVazgzL7rcltDI4JNZIcB10Wls66hv609L9dubTce59xXd0YC6L6xt8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 513F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 11:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 11:51:06 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame AB5F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 09:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
11018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 09:42:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A103 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=4029909252908906&bg=!hoWlhcHNAAba2mK92to7ACkAdvg8WtizkgkoAt-FDMGkrQhRr9wqMFG4kJGxvp2N1CrCFGWTkYAt6AIAAAGsUgAAAAJoAQcKABde0iD2rPFjpPMuSKk13TgYwRsqJkKjnJkDIOPP8MH1Wn_mf7EJ5YIMONElfH_fLPqZdnHkn60LNDH0YFUGr4SCpRNmYd_THpxjuPvvigoE6ABBMJf_Mnd4ixHy57L4TirE8xM0V5-SRCX_fzxvZqRnUxNWtQMIPXYARYEJzNJIf8L_NlqYYuzoKk7RtuFVPSp5H4lwU0OcXn7xZ4Fm9ldRLREulKxp7gpmvZk0jkfal_qvQYMkB7UdtYIpHEwb559yYhvBnD7h376WCTRQgVgXtOn5fs8bSCMQnL6fm7lp8rTK8JwLwQ0x3pybQKgQxgyGibwyKVrCcYrqZvA3xXlq9AB6D-crUPQC-4bk7vsOkwAlZGXGbVsKQ_U24hGRlrsimnBtoWee8QuNozS4QiAgUOUbjreNJyEasNBmEsoVDBIY_0sIMVUapwvqcOxES3k7xviYwBFgUJJSlmBvevJlXjqHfcKI88OAFUBenF__F0feieFJjP9sSVXPKa4xQmRQLNdnJY6zg317z7BtDJFtG-g_vIbxMMsun8Qfnc2HhLOS3DTiTsdM37mixLBR95RiSParYuDvPIZeB3ktSPEnU_eab4gj0lv0VbEV9tsNbJf-qTTFGUNKkOqQNTPLpXGI0ytXLMk6bB04a2EnICYRWt722pTx3d2Adz4RMgFZ49QC5g_752uA_bEBg_NnBGl7vpc2xZh6LqnD3tZuZmOn8fG0Z_YX1VdGXsn3MigJCoD_0Rh3zzPydzXdbn1xTtKS8d-8HGRzpVxxnjCHi7PjSzJU2lHxtiILS6tHjbsbM7mFSNQyYfr1C5ilsCIUAfItEoliVMf6fgOyNINc7_mYbfr7M-zOPUDWVv8SS3FLf9W7PkedCOgSbHXUb5u61OOCDO3HAb4UVxeDB24ZJ3rH44Xs0AhsNHrfrm3H6PbSm4Tln6u8D02BPfuKBklwnSWidJ6isgA2pdUtb8nMf0z-8YBKspCnBZjLAF5unRDC2rgL7OoMU-hIyiS7dWhNL8A5zzPHUc9JX-BuKB2ZGw5owIKuORf3NSuwZYIuRxp6np-St5MD38gHBQK6uf4mHkfUB_6ABrdgdPAn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 857D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1ZHKgdA1YrqFA73_7_UPmcWKwAcAAAAAOAHgBAI&bg=!eXqlej7NAAba2mK92to7ACkAdvg8Wp6xIlJ4Y3KBNeu_k4uzBMndAu2jCe6h1DAaesXf16DTphNV2wIAAAFsUgAAAAFoAQcKAIFYzeTmcdmdOvv07z5zyCfA4tj2zwZsYzpFdpD608ilxdx7PTmgHDppio4f_Iqe9Ljp393N4tzsPgS0bzLksmSJf_Hlpnas_ZbTcjwpbt4JB_6cLNQzC73CpusFsD-dwr7buCZ-yTnwRECcPKxe04eadhOirfYuRSkb6E3GgSWTXtqZAvot3wtkbE9QwfHaA9a4e0fSKhKaiFJa74wHlXypG4pvcgE9VrhFWg8FkfTrBPfLrjRI1-dMn7qP_b8Sbx_synm3HQAaa3SjVRm3bVthe6w-5dL7r2NqygNEuSX1xw77HR1DRy1Tpmgfgi3Q9wu5mmo5yeMZZ0AQM1pgzcexfjCpD9_BOtKSco_lhbnAtga6Ddcb3xyeHQ6fEUBMvH2TqxcC2hvLb1bHIlydT_aSargWdVocx9ls8swA8jksYMB4gIp_QnaVDI8RVcFp8XfALYcDEQ9ZdIktekVVjhpQ5TscVEm0lcdkAKNRGnBnCgE7HrORB9_q2hX7KBbI98jo3zykHP7YbgRiRgcled8iFsGQon6v49oO74qPh9RRqfmp8DNRRptsN2FiM4DY7MBtoiRXI6jsybviOA0MUW1cQuYqEL1x1B1z5rRgNdMNUrZljd-x0FAGPbnfyxOtAR_Cfh_cnM6BFYirM8dcJwCbjUS9Qy7svmbVykSAn7BLVDhw46FX7LXTvFoizt1Qb7MbsHgBt_7fZUZEyAtArFL_v9jW1dIWHggEiUe8CwD9CP7HUdbgH3Rjhddh2jMHUXwNLc9wYCB56tE4W4Ur7ehy7cPFSQzqRWQ0s5tKAM5X-6Ydet4F97nJGoNung9tyVuON3QTR-laArrz8mLNVHjVlSknbEJeklMOwRo5oZlK0AJN5uLOIoQ990GyP4w8apbZp5E6x2IXPBJBC1g00NtHyJh9xE1tuL4ovXJUrc97-wPWg5pEHjojrAffMxquo9FgqZ-Wnayre8766bszHIAsDi58i7dSjOhTTy92oa-CXCmw6ZxvpOhwnqeNPghCIUQfyfAazqGao2C6b473lAPZ914AOxXplyD4Kh099g0UhC9hupwAbrcvns0y6NOK1kknwr5Vy0RJ3eYAbQsj6sOCyY2TZSOQtmocWn3BZUomkRG3tomf5P9y6jc69dyC50i2zXyy0pshmon-hmjGRSJn-_0QscBVLE_TcIjQdNU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2103073919475594&bg=!ERKlElbNAAba2mK92to7ACkAdvg8WrXRo4p8zGcRMvDoV2WFjTtmtLtm6yTV7w7piu_2AStxZED0XAIAAAJ4UgAAAAZoAQeZAsfvhYzzLP-2ZApOcKVS2k_LP7EOUvzWhvENDJw0mQA7DEmQwFiaMgm-JxLn5WmV-G64PinQryGwUZgdE8Ie5bmsv60_ph8p0Mbh8DKKmb8bDVQhIp4wBjHdIPX1KQUUoRMQuItgaeL9skcKmikI0LA7LGn38EH0pArVNJlFQdgQj719-eFka5ikhX2i46AN5f0UsE-1gWqW_C53RQRSBadlBojNpEU84VjHTqyCyle8zcEJhFpKyR6ACnwpy0Bw50M4R19LTuP7wkN_zEwiGpGEAKqt99WUSGP7r3-1MZp_1ICdJ5L8YbaL_btdVxlNbCjfMHkSPfngQueG48WCTPntsUG8aMGymzDuCyQAp7_ziER-7Ypvkn47IR-WWHBPb_whS1ic55bkS2Og44Z55UgagGRPwAdAleIiEY_y0y4YHpW2bQJiMpYIKUehdX1MNbTp1qgV5MdWbXeXcd7bFdjNFXsGIyH3YZNmdP5onP_bLB06c09GSmVehajAaVSlFcsMgbTSYDZRpiI9I5haL3D3AjvLe6J_ncAmshCqjz1-dU5VL-F98pkS2n3ytOw5W_hSdW0mTKKyY6Ayoo4x7xNtiJkR7_A1eW2f4wwBy3EgVbjY2VM92EcU-ypgR_cYtqPIHbzWoXbbioR1tv3Bb_lIEHM6Ot4fe53NGYhCfNwmxJ6ZC6ccfwws0eZnEqNUcqZR2M1sBJp_ng-eADk341rsZxzAeCAOuxT4CTLH5wxCIOHphJoxeZCIBMksRlbyEBCY5lacLNCB3jq9tlmbmfSQa2qWfL0rjO6_k77wof2EOuX3PzQ_o--TnjQPD6CJdoQfkMyHPJvuceFi6Wvkd-ldui7ZMkbb9iCph8WwHmBXU7eNRjaeS0rsu9Vj5M3J5rsqjsuq_REXmU55W_N7YagMofle6CeHWbVM_R9KCbzyMxHqyh65i4I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=4190201031641822&bg=!gIOlg8fNAAba2mK92to7ACkAdvg8WgCt7_dUEKuPYBLLFTh1V-RRsY4i3ETgHXSO57Gwn_j1S_WDeAIAAAJAUgAAAAFoAQcKAEEdBReV40RuMI8H2Zee-KNnx15pNzv9w2e1sYHJh184cWCU3sMlHg4VigdWRWU59lRN9cYpsLXnnKZ8llWukxRvppkC8SfbyQfnrCHPGCS7jRNjefogbenI7vuY8RpHhb7gb56PKbsrVqkBoF-F2pTG4jNuuwNfmXNcqf25_1Xq6o8-UsM72O6hWwiA3whecSqaACagikcFtx6J3gA39qh3f7F5Zt3pMOXqrty9ANMlq7aZSGbV_OInGY4LjqQaLgcRTx1_cEyhWfgWJdVM0F4Nb3CpbbR_ZVXcykuaIpdOlg5MmJCQO4z0-kkexjuGNFCdweWlO1CVIXC3fRMgF2I7JcCQZGN14Wkyb3aDWq53ek0aKcJRd-U14_Trf_fWkuGiw06LAtfGyMpG8NWSPIwicDc12ldr8f0SRc5T2sXi1yiIkD9ItGM4FIWdso4F-wCr6sQNBDT1Is7VMnA9i4E9Oa9_VgGFg8OB9xg3PBxcxDvqut3xO_OiFOoY4_jJZtcz4ebE3lluhChH3hGF2KbgbHrH04ui8pkt58oN_Q3sbJnWx4P3AhWdfW1vbknzhYo4mVnKiIUKrdYFiO-BEGR-Orv3KSIBEghJa_-Gt9Jg0y15WrsUjw1NjRcavdjeGitBgaHvfdvS5-gsmDDRgvargrc7zQ9il5xp_tbNBXAhy6VOSOkp0-R4dLx2PZHGqTuSrAPUil_PicwYNu0-O20QrrnOjSZK1w50aD01OBphhJUR3-8XuqOU6Fi_kbRMji3S1SO58S1jam8Z-MXOwSXXOdXJ1gO64Gylnj7R6Ocf_ccENYyUAYCsajXbHoE8n_KhP7A6IbBoUcy6LQp9zsB1v-eA4RjUeJCZcBSOIh-WdeX0XvSzmYEqAhW2_qeEFo5ppdf32HIGrmC9fQy7Gn4H852jFipMbkNx9ihtJMlLHx7n50h445LBN78hdresfaEvGoWJ1m6b__rQBX4XzftMaPwdF3mxvAz8BELNDR5NrBz8NCTD4e76BqTcARBItKqgXwAuoAseRiivxVF1vJVEMHQVplTypcO0O3T2KlnafWc9JfImse1wAfGwB1r0RhTn83Ghqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame AB5F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bjYXdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D459 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF9SEgdA1YtP7HtzX3gOCtJrwBAAAAAA4AeAEAg&bg=!y8ilyIzNAAba2mK92to7ACkAdvg8WndMU-mUswwhxebuMWyXQymupsuj9-y90B7bIvQvHP0--yENYQIAAAFPUgAAAAZoAQcKACLMd--hnJNUOB4XVXmB_EQbQVCuYjUCXaOpj9tYjhU70UJfmQNUx5G_IsIFiWU7f65mx09BnSJ0ctaoWr4XVIzt-x87Tl3hGg9bIFWY8L-z3dq8xV7DhTtUpMJSoPHea8XpwXT5kDNvnSMtgEsk-eBnk8KnC3umIGTFgwWaU7qECRDXE1V_No7oNuBBo0Zv9ml-Yiz0njQPGtIk0M3s8XZV6h3tGPEqUZjzyQMqoBE4A2R24X5b3yFm_z-7sk-i5ZrpW6hc3ThnJLASO4e2muAGPTHXhwUgEdPU7J4ZJHxnSuWg1A2VkcBQ4JbfvG7pdy_qLtRF_IR-mQcD4gI3vMp1knjaQUDFSfCtOusHpau197PkWmXMOipvzOsrxfqsjosqTbsR9KwSDLgJB0T1D3gP81k_VWRxXoaanFPZR0unkCzMyz2j6JM_NOsArNS7pHOprgMGqUBZn2z7YiEAweOjSyyvnrHIpEUIB2QDqVxZO2cPzGZRO6u0dMjN99h3iAWaKbrMVQ3ZETApUEF7zSA_Nle-N0GfIXzuPnbKoiX1-GxUDbwdm97_V4TdwpdDWwnIylfmLMQoMLRdzoeZusrPNIHBM8ArAyPp5NXiXc7jlCWthBW6T4va7SOeVxws-2chYksUbEhAhpl1eTHweB11PO2ha9Cl7jh3Du8B3tDOaJfxIWW-TmUp2ZyDELz-ca__ic3HMVWps6piFS8ygX3_w7A1pbdV3G-eHiVJoZiztgxzEb1fvFLqU00uW1bsQuAgm-iwlUZ3ykspA_1pAhB6vFtyEQMT0Uahk8F30IWoIVVp0sxBsyPUFetK2zbW5m67Ij-x29Ap88x2rMidHuD4eHvMPbam1J_dyfcvtlhV0OmNWlWPO65KozqOzB_Yh_1wWaN_tNT-H6NYpRStSeWUhuAotfdeMcTGtcGvNEhYPkQ6rpHkhxCBffy6XCDnO6T057bQBhKK9TR-76jSOjjZpnf0oapOKuy0fkm_bYAcYPe5H1K_YodYtc_GXnLAjhXDOwbjvMCMGTGiY2LeBxuKI0p0Vr4g_aDMPCvXxDIfHImL97QJFexcCq_CnMBPflanVTXsXz587LOIv0XhuxjOl9l_EiCFKSO1cv9EhYdPZhGQ_Z3PW7zYR1E6ZItT7uzDD9ArIoSobDXmnegwcdoNos5phvTyd4HY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 513F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzLj8gdA1YpaWNNWlrAT7nayAAwAAAAA4AeAEAg&bg=!4eKl4qbNAAba2mK92to7ACkAdvg8Wian1m_0eWHW_snCXVb5vd2bE65LsAv_XLewk3PYZkZvhD2_WgIAAAFEUgAAAAJoAQcKACBIGxatOXAu3q2m5sENP1G4i2tYQAsBboUnokoCjexk8JkDW6jFYeC3Y8pSXOpIC2bLqVAnNN-iiNczTgMQ2pjFTZ7ms-zzIiRcvcHmx0od2_83kFyqXzTk8NSZpwu_qZCbQTU47RpiOtkvSLJJuCDl41X-pAHdAM0ahXdVyIN8H_il7L_42fhl5zUg4xtv1HtGrbS8tOMYjWSSFCcPp4FY_QyqRLpzZw__EhroMIwXY5yK_cAawHdbuYRyCjrnFYqGDq7S0HPWQtLjkWJnjFr71Ld34S-s_y5ipfpdlTb0ygeQFdGpq_UNNKrafTlwWOc_z66KXNt206ozXGa-4az9V0v8BMwl1Y7cJXedDlUNbSRz1fF3Oq_YyuWGCNmuSoliGMoTN1UOfDMp1bnug2pSOcbuMggSVPO_5mkXQff0Re3ptC7M1YhwEbQpyr1xXaNune0jrIE-oEI0gGVPbYjJxacuyeBc26Ae62RxtrWuiJr25Z0Ud_YUEbXjajRacI7FF61Iu9u1_asAnhMUdsw9vKRF19uM-vOMEp_MgJl9rIRYaRnZCtjuFQ-Cy7cjRbIbqhkJGDrxtyOMfX-6P9eCLJMC0BUeawnl987tfCU4lZ-MzN78Vj8KQt9h_9c8jXeZF6iU3Kwg5hw9naCM-yp9-W8CNA1euLBpoGlpr3uyeSDvgYS3Uz-pvIM5JB4hkb6lNSc6QRVX6Ww3jfPTbtLdPWweNjQPU7pHwMjfG-WT7DowUOfCnf4-C079kr6nT-hqVoksPpRRt3IvsJRWNx1A_kzXc8kc02m9nCeIxANQmSvA1gaGvaw6mOfM6doC0klSv9O0DMc2vFJGMaSUmKW5mjIQST_YO_fVlwCFNdaTbuWxUPm5hOwhjMZtAhmqLIyW_4VUgAmFtgkeqv3hYmC7-PLl_bU36OyoNlDcPGjV6JWFx5-zHs-UxD8VNSoUUUUeAoeX10NSBpCkXc3xasrO0rBF72vBe5S0jl26EY_GdBjo9tezOTGiHYhC7oHlkxzn2cE1GtThC26wg2qrCLufZBik4p3G8dfVpwkgTj1kBi3uiGSianK3_JLg240SYad4J9iurIJWSyQ_mJn332g1MfybkBTNhTYVSTJjjYBmo3rmyTL58kLbb5CuQzk6YJQggGuarxCeYMp50Fwf5VacU_yvLfDhb189pAujgRU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6334 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaWtUWqymSsjvWzRGrY4dk6vH6s85CtIzViyWSgLv2_RDZIME2lUAzqkbIVmzK_A7sw5kr6gr60TFI23j3EGkB4GJoSHyRI8t_X75poqw-8Tap_c71AA&sai=AMfl-YQst8h36uq_T2Z86YOUh6ZgJJR3FU8tQq-_rAk2jfAZlf8DgHvHo8nxSdbRkvtRskiwmMgo6j018SJ8Hj8DQnpu4BjfqNezSVVx2BPjNw7MZGKi8VOLp6xLgQkk&sig=Cg0ArKJSzL3GliAeQLLuEAE&cid=CAASJeRoKR5-wOZ3FymMmeZogvdeMDzE6Wh2zRC_dBk2bIJwW3foBtI&id=lidar2&mcvt=1032&p=213,800,303,1528&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3635354079&rs=4&la=0&cr=0&vs=4&r=v&rst=1647693953471&rpt=370&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3006563798845522&bg=!CQqlCk7NAAba2mK92to7ACkAdvg8Wp09p8Az8_cXqemTgERSqlF7qWcrt45lqX0FwfUfYFd7te6qdAIAAAGBUgAAAAJoAQcKAEgpXHYNodKVYslnzgGCHRVrso-dsM31zZxKr_4FJL6oyeemUxsOgYyTbE9hJD0aZPeKyf3EGq2Bca1g2gPKJwbT-uVSb00HrJuZAvN9GzD36ebTfvdjWiYQytAuBXhPvkqmdqIsQXzoCr6Mx21U9T0OXONa5xw_PjYxSa8vSgpw6eUgWjHLsmftNGIz7ztQ7GZqWdMPGTXqgi2R0II0lndGP7nsiqeIBZ_OfkbYV1we61QetMinSKnsy7uEL-xcrvFhTGG7ForPrAmboybptsc2kZHWbFJvw2dkEzuWn78Rc_B0N43jJLx7sfVWxqQ0lFucU9EUvV9aaUGd703DtCpetssw1vEFBx26pt1pGWaa1TF8Hh9WhC4R6KFG3fFiPhZ5sNW3M-XQpJwsCwW2XbYezQWSJhb-uEbGeDCB7ngWo43BGGpe4dpLEYq0_1B0hlkKs9-aWuM-su77-oiJkHD5sJL35Bdgdukh86PG3HusppaPBwgr33mBmZNF5ZgVqivb1qcxvZi7eGEf8gAfASI2tFQhxLQJbCBFhb_JuOx5hSjoV9xzJiC8bX7h8MJS5ChlYyUkLricMThRx5SEmPwe7maf4XoAkHW-5lLEhMI5PEtqdHOJQZnEVUJDfZKlfCwNxLvxp-ka3Q2LGyYoqtWPnGMKRm2YyiolBm2E2DE-ijYEq8e0rOom1oPxXsp6Ca9R32j-ibC_CRpuiQ1yrrqlY4cj6cK6iBGfVhtbRMK3peBgIIHSH8GxVOh65fpwI-pQKzSA5PefsGgWnvLxXhHyzOZiQJeh63nXt15A0IyAuBEKvtstAZydGbMLwTyi4T8w-PbcUZLgTgZqExoa017M2FjFrHtDMMlxSB8sVBoJhb3E8JLsRiiGc7x289l10kARI6xHFOtpQA64QjQQj3zV8IU0Ll9lHrOk_kGfgtFwH49po_w33I011UFRpAeZ2U23rHjdBjbslBLbH4bZtwVSK02-2yUG4m7Eno3uFWrZPWJuf0W1YydPoII7W7iMHmpL9BcxJEUVXO41q27bXsPIZEW_EttbwXKO5jbwvXPCSMMyrpoDjuWZ3b2m-09mAZCai4PZ1BFbWwWYc9x4pQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D82 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveO6ws2t_gRvDrL0E1mFPm5SCjf74aBR15GxoyN2pxv9nIZOm-MK3ZGYgJnqL8wmQBk4CdMUQr5PgXAkOlWw6UYd9aRA8AlA4nUSTyAd6vKMpW5kNIPtaHgOLOzjY3n1WPR1jmvaWfW92r&sai=AMfl-YTWx3BA1ZAH9y_zLC2zJa7C54Togg2fAf-ANuE-MeYtEvlfep9dOFRjdy1axDKIFyMem1baQwzbcrBzOz0blMTlyTPHcKKV6dc4b7wkFsnjDbPHVTpGwbdBOmXI&sig=Cg0ArKJSzFavDHedJfNIEAE&cid=CAASF-Rop3gAW2H2ECsTmwhq_DvyRkfBHhk7&id=ampim&o=800,184&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1014&mtos=0,0,1014,1014,1014&tos=0,0,1014,0,0&tfs=491&tls=1505&g=100&h=100&tt=1505&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=376456517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2BBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CO9pUgdA1YvC4C96W7_UPqZqHyAbY_4r3aOeXwMW3D6_q5PHIARABII3kvSlglaqzgsAHoAHd2LiWA8gBCakCz-kzGhWKsj7gAgCoAwGqBO4BT9DL35P8RgQnnbPYvva70VLsaDWn5yyNKCtamGZHMy9EeLSJQBBStkmqW32AhnIWpxEMo1PGA649wFApcZgDlULKDOW9mb4qxGCMfgEU43Mf69ujG1mduWMz0pDJaq3af1e79Oge2Xy6OcpG1F_loYf8jM5yYVB_IuJ58WyBFLKFRYuIcWyl_ue3ztbfi5UMIvTWyXe9wPWeLOedz6dkU6CxiNKD3Ks0tpdr5mtXWSU7N46Cw_BdkzuPZtmFtopJKQdPhrG_Xyb5-jjgYZBWzb3om-AhW0b9HqrXlV9tCWTBvyN9BfrC8T0SfWsAK8AEz4zhz_kD4AQBoAYugAeLp8dpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnvoa0ggJCIDhgBAQARgdgAoDyAsBuBOIJ9gTA4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=yWuw-wDQIAo&vt=1&template_id=5000&uach_m=[]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2BBD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvunEg_EpRJmfQu-tznUQI6wDdnbVtjGOC7IaaMcvZPkfwDknslNE1gVRxELw1ZernTJHKPxOGEDxm58p9ILJNte6JdQTv5w_iAEA3NyKTUGkjiTKAYm4W0aJptA6aA94z0v86xPUPIBRKpbQ&sai=AMfl-YQhPzlZE3rZq5ZK3xMTdzV2p-c182lL9UiF3dFSewUViTBlNZxAm2QuusRONXb308dwM-E_81yfOMCc0YZLsXUmYEBgwThL-8eEHDgntnmiHo0cOw6iPcxEd4wE&sig=Cg0ArKJSzOPrPd2HMJDfEAE&cid=CAASF-RoQdaGwx3NOaWM97IaS42tPBY2kTeE&id=ampim&o=315,9664&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1017&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&tfs=552&tls=1569&g=100&h=100&tt=1569&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4265767388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42C6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=4027972681861695&bg=!VValVhLNAAba2mK92to7ACkAdvg8WiePoPq_ZC2kaIRQjW58MjY3NToEXaGqyhTSjBCdTxzEwHMnGwIAAADyUgAAAAJoAQcKACDAIrVrLV0mtq3M3EFkKdan89SRJPTXgRkuCu-2LwZ3hpkDCLor2UWdTr9NlYuGg7lnTJd67JGi8ARH9ugUremHSO4IZw6WUMKn1-coIP_d0IDTIS5lNLIUPQA3FAlmH9dXMi066UOqZoQpbFiVh1aYqIikCO6MBMZkw40YHQIkpkiDQtLoHF3Ou3mVZZ3xCGqnOr6lS5NXsIMCN8oaq4MV-eJD0-vL16jZve9V_hdpc2s-TWkfcaeeFOUP8ahlugD00Pg-yVjwNIdwdcZwn90nvGHgR6qiE4E_jU4pthCDzUc-WwBU1mTyY0nxVob5dERrDjnyGtt62xUAUPf_vP5CqVocT-OgLA2ZRrlC4DKTUk_yhg8eToNlsELpN3ubKbysLB5tac_R_Z8UC5PFHt3NQc0tbGruBxqmCa67-0Triiqr7U7pVIURgIubUdBpBH0AFDRYr-SjCbb-o3WPotYYwuos8AphZXQeOvWM4Baho0HONnnp1KTur4G4iaPdSnYiYTu2i5TjKV6cknQcXpzzg7iTTTwpo9o4JlC0gCUkKQ96nOpubg2lW0J00XrYWwuctoV23MR8RftpvT03225BVk5QV_F6N_HzO7CvXbMuDjOIrJaFpzA5RagsCK5EoYodYo4lA6i666h1QMFJ8_dL26msrfIbaJHvIE1rJeGbP_My0SDqoAYgS7jaxHH7zQhPEbIc89c24dmH3GzbFQO-wDM1vhKMnVldjMoRAf2VA6Os2d49Gx4gMzGOC-Rd-sYFo7wL2x9IfAht4eo9swJdzHM2CzfyHsJa3gWWJ2ysAMbZW_nS6-Izh6hZGnTK1UKONDTanmhX-1r75Q0ajQDycegpLNPxjPres1HrrDPGQ9nFJ-M8wcZ2umT3ZUz4RevPKa2WNm_0fT61UZAMb3UaFusQwXYMsIRWpJXFgV9-AH5iTL_k0FKLp10hWJ4gARPGTLxm10z1V2xePRvlCTrzh7TfDLSjQDd2V0vuqeMjmaWYu4FssWkm7WpLiQgq2ZTlErf58Y5vmmmUhS1v7QIOVr_6YdIgq3apbutiKiE1KYihviKAd4C_Ri7q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5409 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCZhuJzgJGVxvD1FtWVUj98Cu_EIZ65wuGZqNYZyQdcY6htRnuAsm7snm9Ld8rLhtz05rs_PYraXSRH4hX-J0C0IvoDuPAyfZ4ZLMHBFWbo0VLSkXDTw&sai=AMfl-YRkWExhFushXVYB-Qx14VNfZTA8DMO9kzRJsmRm5p-Xck8amdfWvR7vy50O8C_hA8o4CVR3WaYd4DomG-hatXfIiv_FYFLNvZLOXq07AuylMpUvbv_N-GPbQvWT&sig=Cg0ArKJSzHOKWGRVhV4tEAE&cid=CAASJeRo0TzhZD3mdbhp-Ue33HOE2r0UuOmB6UeOG4LQ-iEYDlPVfm0&id=lidar2&mcvt=1000&p=377,800,467,1528&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3635209067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647693953636&rpt=613&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 32CB 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A103 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 42C6 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 1D0C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame D6DC 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
syncframe
gum.criteo.com/ Frame BBDF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anhdep24.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2252
date
Sat, 19 Mar 2022 12:45:55 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 42C6 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=4027972681861695&lid=esp.criteo.com&eids=31064927%2C31060545%2C31065617%2C31065456%2C31065515
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame A103 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 32CB 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D6DC 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1D0C 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:55 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Mar 2022 12:45:55 GMT
sid
mug.criteo.com/ Frame BBDF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=anhdep24.com&sn=ChromeSyncframe&so=3&topUrl=anhdep24.com&bundle=FQcYYV9zMk5MRGpFb1R2cGZaNFZRVklVanlTRlhhblNlQ1FBc3FxWU10Tm5PdmVSV0drRW9wQj...
  • https://mug.criteo.com/sid?cpp=IaCqEnxpcnVXWU5ia1FaamVkTXVieTFYRjcvbWJldFoyeHBPTUNTR0RyNFpYV00vckoxT3RGSEFHREY3UmQ0ZW5WY21CM0N3UmdrOWNlYUpYMnJ6WDRXaDFQK1hGczhkWFBQSFRHbTBUc3BzOGIwTlNqRm5zSEE2OWJINW...
425 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IaCqEnxpcnVXWU5ia1FaamVkTXVieTFYRjcvbWJldFoyeHBPTUNTR0RyNFpYV00vckoxT3RGSEFHREY3UmQ0ZW5WY21CM0N3UmdrOWNlYUpYMnJ6WDRXaDFQK1hGczhkWFBQSFRHbTBUc3BzOGIwTlNqRm5zSEE2OWJINWtYaXdOU1hpak1mWno0NFVlNG5McldhQms1NW9wc2k2Q3hJVjRvcU1lNGlzR1BvTkdPRHp4aHZ2VFplSW5JYUhycmxMemRSU2tRSjdFMW9MU2tLT1hKSGFiMmt1NlByWjhySzRUTFdDckE3TlBTWFEzZE9NUmcremdQMDlNMVZjUEovZHdGNVJiKzZkSlNaVXcrcmpqS3BmVlRKSjEzM1pUb3J0czlVcG1ZaStTUDFHTW10Zz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
820630f1dc871f8d1624380d900ae7250f96e2871ffb3840d9f572d8cb63e6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:54 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4415
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:55 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=IaCqEnxpcnVXWU5ia1FaamVkTXVieTFYRjcvbWJldFoyeHBPTUNTR0RyNFpYV00vckoxT3RGSEFHREY3UmQ0ZW5WY21CM0N3UmdrOWNlYUpYMnJ6WDRXaDFQK1hGczhkWFBQSFRHbTBUc3BzOGIwTlNqRm5zSEE2OWJINWtYaXdOU1hpak1mWno0NFVlNG5McldhQms1NW9wc2k2Q3hJVjRvcU1lNGlzR1BvTkdPRHp4aHZ2VFplSW5JYUhycmxMemRSU2tRSjdFMW9MU2tLT1hKSGFiMmt1NlByWjhySzRUTFdDckE3TlBTWFEzZE9NUmcremdQMDlNMVZjUEovZHdGNVJiKzZkSlNaVXcrcmpqS3BmVlRKSjEzM1pUb3J0czlVcG1ZaStTUDFHTW10Zz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1962
content-length
567
expires
0
pd
u.openx.net/w/1.0/ Frame 42E7 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame AB77 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame A365 		661 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
631083fa326f9ac837c65c39a511f302a0d70885fc369014d9938e8ec181f562

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
661
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C3A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Mar 2022 12:45:56 GMT
Age
23206
X-Served-By
cache-lga21955-LGA, cache-hhn4050-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 387047
X-Timer
S1647693956.095364,VS0,VE0
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 89D2 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6909
Expires
Sat, 19 Mar 2022 13:45:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ee64ed9c8e89bb9-FRA
Content-Encoding
gzip
check.html
biddr.brealtime.com/ Frame 778E 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5132
Expires
Sat, 19 Mar 2022 13:45:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ee64ed9cbc89974-FRA
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame DA9B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Mar 2022 12:45:56 GMT
Age
23207
X-Served-By
cache-lga21955-LGA, cache-hhn4059-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 379043
X-Timer
S1647693956.096027,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame C006 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync.html
eus.rubiconproject.com/ Frame 12C6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1B33 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pd
u.openx.net/w/1.0/ Frame F031 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
check.html
biddr.brealtime.com/ Frame 9DB8 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5132
Expires
Sat, 19 Mar 2022 13:45:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ee64ed9cff79a15-FRA
Content-Encoding
gzip
sspmatch-iframe
ads.betweendigital.com/ Frame AA94 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync.html
eus.rubiconproject.com/ Frame 3447 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B311 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Mar 2022 12:45:56 GMT
Age
23207
X-Served-By
cache-lga21955-LGA, cache-hhn4047-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 387455
X-Timer
S1647693956.096161,VS0,VE0
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame AB77 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.html
eus.rubiconproject.com/ Frame 45D3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame EAB7 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5132
Expires
Sat, 19 Mar 2022 13:45:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ee64eda0c389974-FRA
Content-Encoding
gzip
sspmatch-iframe
ads.betweendigital.com/ Frame 9C51 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8104 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Mar 2022 12:45:56 GMT
Age
23207
X-Served-By
cache-lga21955-LGA, cache-hhn4047-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 387457
X-Timer
S1647693956.150622,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 52F1 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.js
eus.rubiconproject.com/ Frame 12C6 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
usync.js
eus.rubiconproject.com/ Frame 3447 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame DF48 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Mar 2022 12:45:56 GMT
Age
23207
X-Served-By
cache-lga21955-LGA, cache-hhn4059-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 379047
X-Timer
S1647693956.168827,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 29C9 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync.html
eus.rubiconproject.com/ Frame C3DE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 5CE1 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5132
Expires
Sat, 19 Mar 2022 13:45:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ee64eda18979a15-FRA
Content-Encoding
gzip
pd
u.openx.net/w/1.0/ Frame 0A1C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anhdep24.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
match
ads.betweendigital.com/ Frame A365
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cbc1a2a9-ddb8-4d6a-8a27-9736f59eb9fa&user_group=1&ssp=between&bsw_param=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Date
Sat, 19 Mar 2022 12:45:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
btw
sync.dmp.otm-r.com/match/ Frame A365 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=7662cf78-ab1c-514e-b2e9-b01fd0dc609f
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 12:45:56 GMT
server
nginx/1.17.6
match
ads.betweendigital.com/ Frame A365
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uxalPjpSU9SG.AikABlF_ojZ9zQ
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uxalPjpSU9SG.AikABlF_ojZ9zQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:56 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uxalPjpSU9SG.AikABlF_ojZ9zQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
ap.lijit.com/ Frame A365 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 19 Mar 2022 12:45:56 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
async_usersync
ib.adnxs.com/ Frame 6C3A 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:56 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b4c381c-e7c5-4752-91e4-466c6bec9c23
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DA9B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:56 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9f7663a-7cfa-43b7-95b2-6e2ad081c8e3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 45D3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
async_usersync
ib.adnxs.com/ Frame B311 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:56 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f906158-00ac-4a9f-a257-7a1a1105488b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 7055 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&CACHEBUSTER=869785
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 12:45:56 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
ff83bcaddb5b30b844c23b731e8fc011
usync.js
eus.rubiconproject.com/ Frame C3DE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
async_usersync
ib.adnxs.com/ Frame 8104 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:56 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8d1a4666-7af0-41a8-8f60-02d193ffd382
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DF48 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:56 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d42e8653-c182-46f5-9f48-1f3e19eb2530
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ads.betweendigital.com/ Frame 7055
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cbc1a2a9-ddb8-4d6a-8a27-9736f59eb9fa&user_group=1&ssp=between&bsw_param=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
Date
Sat, 19 Mar 2022 12:45:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
sync3.sniperlog.ru/ Frame 7055
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiFodeRBlIFl4XSlAY*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiFodeRBlIFl4XSlAaiARCFnOkip4IR7KbpACWQyCQ3
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiFodeRBqIBEIWc6SKnghHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiFodeRBqIBEIWc6SKnghHspukAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=859ce922-a782-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=859ce922-a782-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=5To2QttF1FDiDlWwE3Dwhg&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata&google_gid=CAESELcbLb3TyDknahZ01XtAhHw&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata&google_gid=CAESELcbLb3TyDknahZ01XtAhHw&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:57 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=5To2QttF1FDiDlWwE3Dwhg&extra2=aidata&google_gid=CAESELcbLb3TyDknahZ01XtAhHw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C3A 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:57 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb76259d-3258-4f2d-9c1e-1baa20a1c770
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DA9B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:57 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2d53919-90f0-4804-bf14-c30b1a3d70b9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B311 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:57 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d692d4b6-25eb-4b6a-88de-5fec64c19a0d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8104 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:57 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
442eb900-fe43-4815-b246-655ab750e492
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DF48 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 12:45:57 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e53a268f-572e-42c9-8a9e-c3ed39b66ae6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 35FB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&CACHEBUSTER=869785
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 12:45:57 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date
Sat, 19 Mar 2022 12:45:57 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame 35FB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 12:45:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70093
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 35FB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L0XUFQOX-D-8HHD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
869785
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 7055
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:57 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/869785
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
xuid
eb2.3lift.com/ Frame 7055
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&expires=60
  • https://eb2.3lift.com/xuid?mid=2409&xuid=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 12:45:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=28296e9b-c36d-4f73-8e11-5d0c57b5e5a6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 19 Mar 2022 12:45:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame CC1E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=7662cf78-ab1c-514e-b2e9-b01fd0dc609f&CACHEBUSTER=869785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
7662cf78-ab1c-514e-b2e9-b01fd0dc609f
an.yandex.ru/mapuid/betweendigitalis/ Frame 7055
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F7662cf78-ab1c-514e-b2e9-b01fd0dc609f
  • https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f
  • https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:57 GMT
content-encoding
gzip
last-modified
Sat, 19 Mar 2022 12:45:57 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 19 Mar 2022 12:45:57 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:57 GMT
content-encoding
gzip
last-modified
Sat, 19 Mar 2022 12:45:57 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/7662cf78-ab1c-514e-b2e9-b01fd0dc609f?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 19 Mar 2022 12:45:57 GMT
sync
t.adx.opera.com/ Frame 7055 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=7662cf78-ab1c-514e-b2e9-b01fd0dc609f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 12:45:58 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEMEEh1jEaL13F0_XRncIgRs&google_cver=1&google_push=AYg5qPJYrlwkVmrMwI0OGn0s3FxUUna2AI_DyMmYhk__YnTjYbaIypo7rwHiUoS5SjeyYjiQCQs16Owt6cDGZh8PuedTzHgNx1kX0A

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored function| gtag object| dataLayer object| googletag string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs number| count number| counter function| timer object| google_tag_manager number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka object| ggeac object| google_js_reporting_queue string| pb_anhdep24.com_970x90_anchor_desktop object| us_anhdep24.com_970x90_anchor_desktop object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| ADAGIO object| _ADAGIO boolean| sbrmp object| GoogleGcLKhOms object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

89 Cookies

Domain/Path Name / Value
link1s.com/ Name: SPSI
Value: 6300171e6d47de36755fdccd8822e61d
link1s.com/ Name: SPSE
Value: 41J9HC5od40XP7gLfZSc+aYpWaPwxlMfdO3seMx0/EONIzB6zxv+UxbPxVGrMzLURepTMHoQMuzx2aDdTTpl3w==
link1s.com/ Name: spcsrf
Value: d64de33275e79f136de9a5c09e64d80e
link1s.com/ Name: UTGv2
Value: D-h4bd80b0e6cb519678a2bfbc759f1440e130
link1s.com/ Name: AppSession
Value: 7sm8sji68717322u68edm18he9
link1s.com/ Name: csrfToken
Value: f447ef2c96cf39d1ac0723beae3dd70e52139c2366093f28091cd9ac5bdfbfd3006a4ce6c541ddc19ef78d61c7221b629dd02857c86ce7b211bf24c9361db2ca
link1s.com/ Name: app_visitor
Value: Q2FrZQ%3D%3D.N2M1ZTc3NjI2ZWM3MWE5NDIyZDQwZTI4MTk2YmUwODM3MTE0ZjRmOGQ2MjUwMWY1NzQ3MDQ4YjI5YjgwMjNhN8%2BQ1JqVpkswCpN8SsoW3%2BTjXwCddwGjlMJs9Opkr8g684UIwALHnLcPKgfoDU36Y6Lnvtq1vn6bhvPqQaQs7JtriPh0tNWfOwa2CCNUEoHl
anhdep24.com/ Name: SPSI
Value: 82316ce2cc2fda079a972f833eacf3b5
anhdep24.com/ Name: SPSE
Value: Eg0eC7YTh5S4Yw8/T6wiYxc6tSlGln5xO1eZiA7KGcMdz6jd/vw8b0Ay/KPatCrjd4o8oM0TFATEvVt6v72akA==
anhdep24.com/ Name: JSON_fetchlv1
Value: VCI5R
.google.com/ Name: CONSENT
Value: PENDING+674
anhdep24.com/ Name: spcsrf
Value: 7295a158728fcecd51a155a59597c187
anhdep24.com/ Name: sp_lit
Value: VIgb89VYbAHNiVnm/CaCig==
anhdep24.com/ Name: PRLST
Value: ce
anhdep24.com/ Name: UTGv2
Value: h43d0978e952a7df2037d1667581d893d264
anhdep24.com/ Name: adOtr
Value: 612c823ce2c
.anhdep24.com/ Name: _ga
Value: GA1.2.352553347.1647693952
.anhdep24.com/ Name: _gid
Value: GA1.2.1466469366.1647693952
.anhdep24.com/ Name: _gat_gtag_UA_129758818_12
Value: 1
anhdep24.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.anhdep24.com/ Name: __gads
Value: ID=ec465d8781167cc6:T=1647693952:S=ALNI_MZPZ0ErYT4Dgm7C2jUeyZ3MxoS5ig
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: 7662cf78-ab1c-514e-b2e9-b01fd0dc609f
.rubiconproject.com/ Name: khaos
Value: L0XUFQOX-D-8HHD
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqzGND01LDPukHau3iET1N0BmQvWiFCZkIRhTFoERi5fYl2ye4TDrqY3Xc4ALHn87/AUJ+gL7gixdO5/PBqRvSN/R7Fz5/Qhm0=
.adnxs.com/ Name: icu
Value: ChgI9f99EAoYASABKAEwgKHXkQY4AUABSAEQgKHXkQYYAA..
.anhdep24.com/ Name: cto_bidid
Value: OSGVsV9RYXBlYmV4a3Q5byUyQjA2SzdSOUp2c3lDN1hnZmsyeU9QVlZtTG5jZ0JjTXJOWFNQdkhUWHdueW5ISk1Nclg3NmVNanl3S1V1SXo1ZThTYVpucDFycktnJTNEJTNE
.doubleclick.net/ Name: IDE
Value: AHWqTUkNn6at0slCGxjm-rCAloZr3XAwCmStXJFh5bBEJkdsM898uvRDQXad3r3Ev4w
prebid.a-mo.net/ Name: __amc
Value: 1_1647693952_1647693952
.yahoo.com/ Name: A3
Value: d=AQABBIHQNWICEGNJUs6SrQPFBOEtWcMODWUFEgEBAQEiN2I_YgAAAAAA_eMAAA&S=AQAAAl9oaznEjpyN3K9zttOSuyE
.adnxs.com/ Name: uuid2
Value: 9173727451019600476
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d089a5c1-8d57-46d1-847f-a119bb8a8e18"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDc2OTM5NTM7MjswMjFyqrny/vRrM1k+SyBiFWIySfSVR9QhceAhqEKeOT9d7A==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2711:u=1:x=1:i=1647693953:t=1647780353:v=2:sig=AQEhF8N1tTnfXOfmltMsdbYDd2nSmuJi"
.amazon-adsystem.com/ Name: ad-id
Value: A5DVw8rnlUu9p-K8UcDaVRs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.6sc.co/ Name: 6suuid
Value: 36bb10025f4e000081d035629d02000014460700
.casalemedia.com/ Name: CMPS
Value: 5200
.casalemedia.com/ Name: CMID
Value: YjXQgaa62BdQhslHslBx5gAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaPFai/A!@wnfH8K6pQK`!5=E<*L5?%K3.Or!1kNT-)1rH0'l#Ial2Qg/a@Q7CotsiNy%nugO%v4VB%nlx2)m<9*
.casalemedia.com/ Name: CMPRO
Value: 1104
.3lift.com/ Name: tluid
Value: 889857544517295130811
.de17a.com/ Name: guid2
Value: 1.6232846184083261621
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129QpwNCipKvENMMsu9Pf19THJ0Q3NTg7iNTQzMTezNLY0NTEws3zFiMoHALRiExY9AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrMwMTE1NTU2tzCxMDQ2NTE2NBHiM9T1r3IsyXLJDbdIKc4DANGT_C8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrMwMTE1NTU2tzCxMDQ2NTE2NBHiM9T1r3IsyXLJDbdIKc6T4jU0MzE3szS2NDUxMLMEAOi2SuM0AAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129QpwNCipKvENMMsu9Pf19THJ0Q3NTgYATtDQSx4AAAA
.casalemedia.com/ Name: CMST
Value: YjXQgWI10IIA
.casalemedia.com/ Name: CMRUM3
Value: 2d6235d0822760CAESEFtYhNSZJDAfUxj8ya0KcIw
.spotxchange.com/ Name: audience
Value: 83d247a3-a782-11ec-af66-1024185a0406
.adfarm1.adition.com/ Name: UserID1
Value: 7076791646253152403
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 064D7305A3914CA283E387B9F6083E8B
.adform.net/ Name: uid
Value: 4259822834527182654
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.w55c.net/ Name: wfivefivec
Value: UfScYhys1NvysW5
.advertising.com/ Name: APID
Value: UP84037a4d-a782-11ec-a67b-02dd3cd414ae
.mathtag.com/ Name: uuid
Value: 3bec6235-d082-4200-975a-0f37d8c8ce4d
.mathtag.com/ Name: mt_mop
Value: 4:1647693954
.w55c.net/ Name: matchgoogle
Value: 5
.adhigh.net/ Name: gi_u
Value: uxalPjpSU9SG.AikABlF_ojZ9zQ
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~23uc
.criteo.com/ Name: uid
Value: 1ebbddf0-d160-41a7-a60f-9f24b1f1849e
.anhdep24.com/ Name: cto_bundle
Value: c2JR3F9zMk5MRGpFb1R2cGZaNFZRVklVanlUOVVlNTBmQkxBSmtXTHRsVHdZQWZNTVQlMkZ0c1FmaTBTOTFzZURBNkdtT2ozdFJVRXJZRE90Y3ppOVNyRTF3ZXF1YSUyRiUyQkRIOElOamN4ZjVEVDFzcGtzNXBtaDJjRkpla3h1NkFIY2djUWZueUVuJTJCejZuTzcxOXRqdFN1Rm5scEhDQSUzRCUzRA
.bidswitch.net/ Name: tuuid
Value: 28296e9b-c36d-4f73-8e11-5d0c57b5e5a6
.bidswitch.net/ Name: c
Value: 1647693956
.bidswitch.net/ Name: tuuid_lu
Value: 1647693956
.adhigh.net/ Name: btw_sync
Value: jxE
pool.admedo.com/ Name: c
Value: 1647693956
pool.admedo.com/ Name: tuuid_lu
Value: 1647693956
pool.admedo.com/ Name: tuuid
Value: cbc1a2a9-ddb8-4d6a-8a27-9736f59eb9fa
.adsniper.ru/ Name: uuid3
Value: IiQ4NTljZTkyMi1hNzgyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/ Name: suuid3
Value: IiQ4NTljZTkyMi1hNzgyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.aidata.io/ Name: __upin
Value: 5To2QttF1FDiDlWwE3Dwhg
.aidata.io/ Name: __upints
Value: 1647693957
.sniperlog.ru/ Name: guid
Value: 67D7228B1F6911BE
.tns-counter.ru/ Name: guid
Value: 7B636A2D6235D085X1647693957
.betweendigital.com/ Name: ut
Value: YjXQhQAKuhhC4ypdHKuCRzPtDqc25RfZCK7d9w==
.yandex.ru/ Name: yuidss
Value: 4704477171647693957
.yandex.ru/ Name: yandexuid
Value: 4704477171647693957
.adx.opera.com/ Name: UID
Value: 632b349e3def49a88061653741d7bc6e

10 Console Messages

Source Level URL
Text
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=4324660553442358576
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://anhdep24.com/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4027972681861695&correlator=3461670125127677&wbsu=e64b8075-38c8-4824-8efb-2bf6cdb4e53f&callback=googletag.wbn1&eid=31064927%2C31060545%2C31065617%2C31065456%2C31065515&output=wbn&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_728x90_leaderboard_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=3635354079&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26h...nhdep24.com&abxe=1&dt=1647693952989&lmt=1647693952&dlt=1647693951867&idt=1069&biw=1600&bih=1200&isw=728&ish=150&adxs=800&adys=258&oid=2&ucis=masky9disjl&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=647599796&ga_fc=true&btvi=0&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://anhdep24.com/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4027972681861695&correlator=3461670125127677&wbsu=e64b8075-38c8-4824-8efb-2bf6cdb4e53f&callback=googletag.wbn1&eid=31064927%2C31060545%2C31065617%2C31065456%2C31065515&output=wbn&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22558101590%2Canhdep24.com_728x90_leaderboard_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=3635354079&sfv=1-0-38&ecs=20220319&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26h...nhdep24.com&abxe=1&dt=1647693952989&lmt=1647693952&dlt=1647693951867&idt=1069&biw=1600&bih=1200&isw=728&ish=150&adxs=800&adys=258&oid=2&ucis=masky9disjl&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fanhdep24.com%2F&top=https%3A%2F%2Fanhdep24.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=352553347.1647693952&ga_sid=1647693953&ga_hid=647599796&ga_fc=true&btvi=0&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEMEEh1jEaL13F0_XRncIgRs&google_cver=1&google_push=AYg5qPJYrlwkVmrMwI0OGn0s3FxUUna2AI_DyMmYhk__YnTjYbaIypo7rwHiUoS5SjeyYjiQCQs16Owt6cDGZh8PuedTzHgNx1kX0A
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

158ff0f6e5982d339946055ebbe20530.safeframe.googlesyndication.com
1shorten.com
76ad760fa65c2c12d1325df3c54fd396.safeframe.googlesyndication.com
91ddacdc5d85c79dc53597452cb35bf8.safeframe.googlesyndication.com
a.rfihub.com
acdn.adnxs.com
ads.betweendigital.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
an.yandex.ru
anhdep24.com
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
c1.adform.net
cache.betweendigital.com
cc.adingo.jp
ccc7a1f90e572e6e8a4b60076af0efa6.safeframe.googlesyndication.com
cdn.ampproject.org
cm.adform.net
cm.g.doubleclick.net
cs.emxdgt.com
d53c26ae37f77356724e4eff20524090.safeframe.googlesyndication.com
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
i.imgur.com
ib.adnxs.com
id5-sync.com
link1s.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
node.setupad.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssbsync.smartadserver.com
stackpath.bootstrapcdn.com
static.criteo.net
stpd.cloud
sync.adaptv.advertising.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
sync3.adsniper.ru
sync3.sniperlog.ru
t.6sc.co
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
uuid
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
sync.adaptv.advertising.com

104.109.78.125
104.111.233.140
104.111.242.245
104.17.119.107
13.248.245.213
142.250.181.226
142.250.186.98
142.250.74.194
145.40.89.200
15.197.193.217
151.101.1.108
151.101.12.193
151.139.128.10
151.236.118.210
159.89.25.223
169.50.137.182
174.137.133.49
178.250.2.131
178.250.2.146
18.185.12.233
18.195.155.181
184.51.9.98
185.184.8.65
185.29.134.244
185.33.221.15
185.86.139.104
185.94.180.125
188.42.29.165
193.0.160.128
195.201.152.105
2.19.35.65
20.72.149.136
2001:6d0:4001::226
213.155.156.183
216.52.2.30
2602:803:c003:200::51
2606:4700:20::681a:8b2
2606:4700:20::ac43:4bf1
2606:4700:3108::ac42:28fd
2606:4700::6812:272
2606:4700::6812:acf
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400e:801::2002
2a02:2638:1::13
2a02:2638::3
2a02:6b8::90
2a05:d018:d29:3605:706f:acaa:4e00:4ed5
3.126.56.137
31.172.81.159
31.172.81.172
35.157.98.225
35.158.245.151
35.210.53.219
35.227.252.103
35.244.159.8
35.75.193.236
37.157.2.234
37.157.2.236
37.157.4.24
51.75.86.98
51.89.21.20
52.46.130.91
52.59.66.68
66.155.71.149
69.173.144.138
69.173.144.165
82.145.213.8
85.114.159.118
89.108.119.28
91.207.59.213
060ac49f3c5f6cda4d5873537db897ee93e830013cef08d02c80843886615791
0720b994508a4b42921948e4cfb5df3df04bd62334f240274ff15e37624a640d
08df2978062ef1be1c6237860067c31b5e32c94d01a8b8d4af6d5a4b523e4840
0a7600433acd091184da962ed409c9748e1c2bf72d56c59a284a10a77ba3e883
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c95c4879a2ac68eccbb3534a6c6a4397ff9552974a7899029d7557a3d5b6e8c
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f245cec163612be445ec18d594791e40d7b97494f98e5380644fa107127e1c8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143dc2ef8b95b614e4805d2aabec417ed02034b6264f1da43ac7f2151a4af507
1a6cd5a2a2478d2ae264e12aa48a9fec0e4f940e8b4668081f30e2312a85da4c
1b6b8950a978832112ba7c3fe968f49763956353cc0b74d9cfabe50f64d458bd
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
223845d90e8f3574780fe5d0e4f8f09b3aba1d0a380bfbdfb3395557f46a8be0
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
299338aca015187490226231730cd8c843910cda7489f5e0f210ea3f3a34f1a4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e7e497b5072fd3b9282efb51fc006abf812732e576f7ee8643829f02ff5077f
300e20fcfc96ee9f49d76cafbe17bdb9db8cdc5102004d9b827da584479b694a
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
334f35d594e84905143665705c5ed7b3cd30d83a2cd34b96eb97e139cb5ff764
34cf375b2e2d0d3a601a3c319960c0c773762201689d6491d259abea72cfaff1
35dcc57b9e2989fedc019c5266201978701de042cbbb527753168f1bb1d824f6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b159a0cdf39793c92b99dd78b847a2fc1e3620fb4cef689bb1d9dd123ac916
381d083fef9b15cb752fc19ff1e48a31500903332f33fd6102a7f8d5ddcfb658
38ffe5a3c342bb6703ad8d1d60acd40695550e20fdfd0744f30fad9b9f29ec57
3a2cb8bf98bd47f935e610ebd4dc0e6253196f6129d8bf466a5f5176f25c3a44
3a75279726f7fdbc346a1e365d7c61f02547301df903c80e15d639682bdd54b9
3a96a40c0d46fdb0a4dcd5eb8c06b02cc8b53a7b95df792e6b799f983dba9bbf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d63d5406b15a3af2a08eb0375ef52fe709953e90dc773334a084a45a01c1c7
4160f209e2d78ac6b0df96a17249418ea0082d08c4a62b9c35e1fd9c6fd1f931
4189fb507176e7c18b174c36ddb0b61ca5b4b8e2a01fe6d74c619623c6d6975d
41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c
43aa3c1011af28ee685c9d3f1a561c98d421be90883360570c987d2b20040d6e
447eaf30388fb18d4a05585be04b8cd938c69dfa24fafbffb8ba46b323b96d04
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46b067ceb85399fae47b2969f7d6d110db5b06f8db477b70fc1b4d08b5a0eb0f
46b364d65157453c1c4c5df7655243fbc27eb51439144dad0a2edc42e7967be7
479c2277e7479c51d99a27ef94c3fb85764f88c417439e74f996af1415a05d5e
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4aacea7e08de8d6b45fcc08fbfb677c7c7859096c7327d8b0b6e66d40dd9d6b6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1fc0f98ddd08960543d7ef904200c1631406aa708d0968276b0f5200aa8f29
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514f54e42e2532b79abf4f8c9a7a4bd9b0955fb2fb4cc6044a061a778392efec
52d310c721b75b299ede4773167a2c0752533c98ebd3d07193aa45b8af408d43
53361e848ad07e8adc2a117fd1dfe008402012fd03acda5615edcfcb65075ad2
53ca1c3c7a3e3cc43321e37a3bd12e9d3e13ea4648ff7ed1cfe9bf0470d815d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55beb935a57fef4e4c50d3f0964f2d9445406ee651fb127f585f9ec856e6b9c2
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
584d7e64579f0e2a3138d2552fb0b8655b02a4a4f244cd056eb39a717afe4feb
5a38a226eb4978a6bf242234fece06a44c212501359013a6e593c3c8ac7c5cab
5b030c1c97a6302907d9f151272be4d5372e2a1b9140161487559015399316cb
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b
5ccb0f3e5aa0b313d991508273a8c01a294ecd07952b0da9e6fa7850883bf6c6
5d4592ab5d7c188cc38658e55c532f0d58d0748dceffad4bac68a59df368d95e
5f6abe3c7893ef459ce8a6954aa2b3c2ecdaf0b06f47cc45ee4f0e2a243b1fc1
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631083fa326f9ac837c65c39a511f302a0d70885fc369014d9938e8ec181f562
65344d3125b262710b480bb890f4575d7740c89550e9ce3d28bd6517bcdaf754
67bb3dcbbd1439c46f8c904eaa3e16ab9f75b7b3d82829cad4a878b027bf67fa
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68cb5ab5bb9364c21c246864bf64a4aba0cb7355a1e75629e591c5cf9339e2f2
68f96e81408856521e0cc8a6cae76b68111ef7d701b9cce7babbbd2c07b6d8f1
6ace2f756e5453007c548c628550d753ced2d926678279341d645cb7dd89e5dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0fd41dd5aec03b6d1bb844c1b711af780565a272eca8acf0885ee4af3f4073
6e2280380dcfd812992031eda8d2439b9cb3f503747764f7eb4669fe66ee3b55
70ac3af9751a2113e50b2b5bd7cb1658eebf3f98d6f16b07969ece1c18eed8cf
70f591ddb8379ee779003ada24877c5b08e6737fdeb5ce232c2a95dfeb3b9e9f
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
74cde492a5fe769328da9889a4711d5ee6b53c8152247650749b5df1fd0dc2b9
76203b6be2c55e2d19ba62f98bc0806bfff9366b0c6bd29b9ebfa20cb29a990b
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7d9ef7e03446d8bd6730508cec69915a2fc7526c92f56b71ed2c75ca7b04f683
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8192b4a25481c12969a2c9cea288be00f474ebabb39f5d3a3426aba02adcbe2f
820630f1dc871f8d1624380d900ae7250f96e2871ffb3840d9f572d8cb63e6f8
8423e9f0c907cf77ef87a7eddbcff41a16a7a1fd6a7d20f8c24c01c54b525a10
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9163ab146c3bbc43bab36ec4b5af7ac4dd308aef22b0ae79385aea3878e9d0fc
9289d101a4e9126dc111d703f6752ad1d6dd0a1b3dd1afc8242be349f67d5564
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e735704edf0c426019c4ae9ad0be01876e6f63ee12c92f62c80fc6878325b12
9f034836810184ae316a3ff4cbec4cfbe241b37a872063e63c3cc9a2bae4d2b3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06d777fea2cce715cb3abb95a8d7bb96b3723037706eb1333c95af9677207d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a6dd5890bd6d1448cbb4b08f5799ab7ade6a0057431400e539bf33e729422476
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84d5b8b9f8d086573bb070e1f90ea3ec1047dbb13904975b92af15008a28b3f
a9da92c6720285f93b2e9cea1d24b2ca7fa8f661b88ca25fd934ddb952b6cfd6
ac15a5f6b90178db22be2a07f2dcdd21ccd9e9980a7610a1be2c59565fee02fe
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
adc064b9dc189ee1d9e2bcc170cabc602a3ed93a661b74d5cd986a946ecb5f0b
addb0b6ade5d030ec29f55290b23925ff769f8cf079c28951eef670efd1a060e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7b4ae7d99a6cd52aa125f125a85a2d9ddd5316fff738099e01555c78de033c1
b9be91d21667f581da21de88d61d2a8efef661c00fa7745ada3c8b5af67f0b02
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
be8c20be7b4c887b2363c5082070387c8131765c75536c6b0c90f1ef01735c99
c0a07e246580ede6e5f40f6f3a6f528b41789f8f450ee167c667f8785511b6ac
c0a57459dbef158b23ad3256f2b6b8a259a62d6c8bc7b20bfd1f35af69367eda
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c466a2afd88dc3f296f17b3f7969994b71d2b86b746f5b6548fa3aca988a1bcc
c8d5b18285226a942a9ea6c508f7e04d89483e0142e69ef2044be9544154e418
ca3db6c2624c8cdcff87fffe7f8d131e591930fff39024dbbdf89bd68d83d9a2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6180a1a4b6af14eb6692da7ca250e03acbcf70768324e580fe808bd33ad485
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce1cae4a374b267dbda8d678a61a4b33ee7d6a3f55d35c555d0aaaee6143096e
ce2ed8c9266ffa47298f0688b0ed734b7126ad1ddfbd44912fbcc2ccabf790a7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07041abbcda71d98e6a46d5861635e1e523acefa9b9c074816b53d5ea7f0ec1
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d852949861b493334653398c1c507115a32bbaea21607c2c4486fcb8764cd66a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e71e1c2805931c552d9bea70ee881ab61d9baca7fecbd841aef350069ca085ac
e828f77de3b52767d0e2b02fe64059ea637f102133c5e84ee4b1596e99a3c02d
e83de86a3876092cd38226f8e5620b3ba24addf0051328dd5fff01f78207ff20
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93b8adb993c15aa79a355833c9f139a100cec2162da823bf432e6559523da9e
e962316fa773e8b24c8a3d8528e93ab31b1cd12a8a4e585a7893cd685d24ae8d
e969824490eea74dc11def01e7970f60bbe07b1f125be1c42911b01be82b7253
ebb1fa7deec251c028907ce011a15c0d7aaac93ebfabc703aa0cf2d1369d2354
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ee48cd0fbc2ecdb2a4961fc69fc449c1a2bd316ae0b6e8dea97a32084f3ae222
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c98c713b5c7607c74703455dec4a3ebb11dc2c5d3e6ee53e3e7b9bd43df0eb
f1849387f12fbbaa2b251f0139cf98b941d86f3900f2534fbb8cf17be50d1567
f2ed8a35d6fd1f5bf0923284f1b2e0400a97cbaacd5abb2c674ce566b0e81fec
f33e4b654e414d69b018c6ba88ffde78e0da026cba900ae3eff00f4332cd4b8d
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f40e6685bf42923427be232ea8c3993947d77b333c5566c64bc95b8e5b3e2e91
f57196e60360377f5a7db692992eb16ca03f955148fc9495a327d20c423d2bd8
f626455ea4bed8b6056468fa85f36c8141e5e1c2cd7b11a456421f0d26088fae
f6bd2756152577c9beb461baadeb2ae39a0e101e4890c7e5c0c0814c34c32de7
f75e7683d68ff7e6c0761e732233d7be83714e605d1321fd02dc76ac6410f741
fa6780f3226440fe0a1ec6f664da610f31bee7bc3abdc5ffcfc566a311ed63fe
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89