vncare.net Open in urlscan Pro
103.229.193.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://healthcare247.asia/
Effective URL:
https://vncare.net/
Submission Tags: phishingrod
Submission: On March 18 via api (March 18th 2023, 5:14:13 pm UTC) from DE — Scanned from DE

Summary HTTP 174 Redirects Links 144 Behaviour Indicators

Summary

This website contacted 38 IPs in 10 countries across 38 domains to perform 174 HTTP transactions. The main IP is 103.229.193.244, located in Viet Nam and belongs to VIETNAMHOST-AS-VN Masters Technology Corporation, VN. The main domain is vncare.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 8th 2022. Valid for: a year.

This is the only time vncare.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.229.192.200 103.229.192.200	131404 (VIETNAMHO...) (VIETNAMHOST-AS-VN Masters Technology Corporation)
1 17	103.229.193.244 103.229.193.244	131404 (VIETNAMHO...) (VIETNAMHOST-AS-VN Masters Technology Corporation)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	103.138.88.36 103.138.88.36	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	103.138.88.65 103.138.88.65	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	2606:4700:10:... 2606:4700:10::ac43:ebf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.77.162.8 103.77.162.8	45544 (SUPERDATA...) (SUPERDATA-AS-VN SUPERDATA-)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:c2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	118.69.83.90 118.69.83.90	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 28	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
5 24	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	18.196.198.111 18.196.198.111	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5125:66ec:eae5:be30	16509 (AMAZON-02) (AMAZON-02)
3	35.213.167.91 35.213.167.91	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
174	38

1 103.229.192.200 (Viet Nam) 1 redirects

ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN)
PTR: static.vietnamhost.com.vn

healthcare247.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 103.229.193.244 (Viet Nam) 1 redirects

ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN)
PTR: static.vietnamhost.com.vn

vncare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.138.88.36 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

thammyviengangwhoo.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.138.88.65 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

xmebeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:ebf (United States)

ASN13335 (CLOUDFLARENET, US)

theme.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.77.162.8 (Viet Nam)

ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN)
PTR: alia.thonetvander.vn

angelbeauty.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c2e (United States)

ASN13335 (CLOUDFLARENET, US)

widget.subiz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.69.83.90 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

vcdn.subiz-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.198.111 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-198-111.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5125:66ec:eae5:be30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.167.91 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 91.167.213.35.bc.googleusercontent.com

api.sbz.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	582 KB
43	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 static.doubleclick.net — Cisco Umbrella Rank: 241	223 KB
17	vncare.net 1 redirects vncare.net	505 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	283 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1002 q.clarity.ms — Cisco Umbrella Rank: 9339 c.clarity.ms — Cisco Umbrella Rank: 1518	22 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425	5 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	243 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 590	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3354	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6069 adservice.google.de — Cisco Umbrella Rank: 8720	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
3	sbz.vn api.sbz.vn — Cisco Umbrella Rank: 120602	868 B
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 717	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	104 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	529 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 317	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 729	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	91 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 240	739 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	713 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2706	104 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 608	191 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 595	590 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 736	760 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	63 KB
1	subiz-cdn.com vcdn.subiz-cdn.com — Cisco Umbrella Rank: 161941	35 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	602 B
1	subiz.net widget.subiz.net — Cisco Umbrella Rank: 157571	742 B
1	angelbeauty.com.vn angelbeauty.com.vn	824 KB
1	hstatic.net theme.hstatic.net — Cisco Umbrella Rank: 124541	11 KB
1	xmebeauty.com xmebeauty.com	29 KB
1	thammyviengangwhoo.vn thammyviengangwhoo.vn	13 KB
1	healthcare247.asia 1 redirects healthcare247.asia	186 B
0	vietnamkhoemanh.vn Failed payment-api.vietnamkhoemanh.vn Failed
174	38

	Domain	Requested by
28	tpc.googlesyndication.com	1 redirects vncare.net tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
24	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net vncare.net
22	pagead2.googlesyndication.com	vncare.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	vncare.net	1 redirects vncare.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com vncare.net googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	vncare.net googleads.g.doubleclick.net vcdn.subiz-cdn.com
5	www.googletagservices.com	vncare.net googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	static.doubleclick.net	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	q.clarity.ms	www.clarity.ms
4	www.google.com	vncare.net googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com vncare.net
3	api.sbz.vn	vcdn.subiz-cdn.com
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	cdnjs.cloudflare.com	vncare.net cdnjs.cloudflare.com
2	c.clarity.ms	1 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	sync.mathtag.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pm.w55c.net	2 redirects
2	r.turn.com	vncare.net
2	ad.turn.com	2 redirects
2	googleads4.g.doubleclick.net	vncare.net
2	www.clarity.ms	vncare.net www.clarity.ms
2	www.googletagmanager.com	vncare.net
1	c.bing.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	um.simpli.fi	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	vcdn.subiz-cdn.com	widget.subiz.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	vncare.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	widget.subiz.net	vncare.net
1	angelbeauty.com.vn	vncare.net
1	theme.hstatic.net	vncare.net
1	xmebeauty.com	vncare.net
1	thammyviengangwhoo.vn	vncare.net
1	healthcare247.asia	1 redirects
0	payment-api.vietnamkhoemanh.vn Failed	vncare.net
174	50

This site contains links to these domains. Also see Links.

Domain
www.kotex.com.vn
reviewdep247.blogspot.com
www.eucerin.vn
vitaclinic.vn
www.huggies.com.vn
chamsocmevabekhoemanh.blogspot.com
bomevabe123.blogspot.com
maps.google.com

Subject Issuer	Validity	Valid
vncare.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
thammyviengangwhoo.vn R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
webmail.xmebeauty.com R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
angelbeauty.com.vn Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.subiz.net GTS CA 1P5	`2023-03-03` - `2023-06-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
vcdn.subiz-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-17` - `2023-06-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
api.sbz.vn Sectigo RSA Domain Validation Secure Server CA	`2022-08-15` - `2023-07-19`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://vncare.net/
Frame ID: 3FFC4234C08EE6D6BB10409F54D7F651
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 5BE35125BD1FA7A826F3F6090838E91D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&adk=1812271804&adf=3025194257&lmt=1679159645&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fvncare.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645226&bpp=7&bdt=1280&idt=281&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=503987971305&frm=20&pv=2&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=318
Frame ID: 0F1B43B2EEBFE4BAE2E786D4802BEBB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1679159645&rafmt=1&to=qs&pwprc=7526812580&format=1200x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645233&bpp=2&bdt=1288&idt=318&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=00XUbRfuUA&p=https%3A//vncare.net&dtd=321
Frame ID: 9A4928F3B8EB8DD1BA523945657650A1
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4021405283&pi=t.aa~a.2129858836~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280&nras=3&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=St7qye3u5E&p=https%3A//vncare.net&dtd=68
Frame ID: 9D5695873DB321BB3BDDC0AB5317AC9C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73
Frame ID: 73084079CB068562D2E0692556459152
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77
Frame ID: D01AE46DF0A615D52E2DB682223B37C6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A83982D4181510399BDB720A26B92E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYnYrW4QEwAQ&v=APEucNW3ob5B6effSpQSrewlaWsIG6AMuYc23Tp55J2UOBQMV3Wnol2V0EQPUZOe6bLzTYoHjbh1mD7Bi0sTTIY-tK9sYVU6Xkd92tVnIEoei4MNDiB3uuM8oj9_t87_bCWAdMws7dBoVGCnYqSyzkw2ANcij42V0ZSaL8FIXPgAkIEtwoF_MK4
Frame ID: F510D317A8808880D6E77F82019D09C1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Frame ID: 9A6E1E03CE3E40C4ED4834A5436623D1
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA21EF09873A475EBC62FD6466A4E7A5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FFF88F53FAB7108F7918BDB5E1AEA1B2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 31F7CF01A34A139030B16D666C2C1FE6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 5806A0C2840F8ECB3C09233B28D27A00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06892CE66E7CAAFF579CF34B69CAAB4C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 60A8D8DD260053AABF2122BEBC52E85F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2212372683BCC5F8E17579D083A55AB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Frame ID: 87DA50DCFACCE8CF958A00CC482D7721
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 716FDCA05B964F3C6C1CC701EF6D60E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54424CBCD460631936CC7520A7ADB83C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VNCARE: Tìm Bệnh Viện, Phòng Khám, Nhà Thuốc, Tin Tức Sức Khoẻ,COVID-19

Page URL History Show full URLs

https://healthcare247.asia/ HTTP 301
http://vncare.net/ HTTP 301
https://vncare.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

86 %
HTTPS

53 %
IPv6

38
Domains

50
Subdomains

38
IPs

10
Countries

3061 kB
Transfer

6138 kB
Size

37
Cookies

144 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kotex.com.vn/
Title: Chuyện bạn gái

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/status-tha-thinh-crush
Title: Status thả thính crush

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/stt-tha-thinh-ngot-ngao
Title: Stt thả thính ngọt ngào

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/valentine-trang
Title: Valentine trắng

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/qua-valentine
Title: Quà valentine

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/loi-chuc-valentine
Title: Lời chúc Valentine

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/loi-chuc-sinh-nhat-nguoi-yeu
Title: Lời chúc sinh nhật người yêu

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/8-3-la-ngay-gi
Title: 8/3 là ngày gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/loi-chuc-8-3
Title: Lời chúc 8/3

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/pha-trinh
Title: Phá trinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/khi-hu-la-gi
Title: Khí hư là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/dung-coc-nguyet-san-co-quan-he-duoc-khong
Title: Dùng cốc nguyệt san có quan hệ được không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/mat-trinh-roi-co-kinh-nguyet-khong
Title: Mất trinh rồi có kinh nguyệt không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/quan-he-bang-tay-co-mat-trinh-khong
Title: Quan hệ bằng tay có mất trinh không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/di-ung-bang-ve-sinh-phai-lam-sao
Title: Dị ứng băng vệ sinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/khi-nang-hon-chang-vai-tuoi
Title: Yêu người hơn tuổi

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/5-luu-y-de-ban-gai-dung-bang-ve-sinh-dung-cach
Title: Cách sử dụng băng vệ sinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/mach-ban-cach-dung-bang-ve-sinh-khong-bi-tran-trong-ngay-den-do
Title: Cách đeo băng vệ sinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/huong-dan-teengirl-cach-dung-bang-ve-sinh
Title: Cách dùng băng vệ sinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/quan-he-ra-mau-truoc-ngay-kinh
Title: Quan hệ ra máu trước ngày kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/6-dieu-cac-co-nang-nen-biet-ve-tampon
Title: Cách sử dụng Tampon

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/dat-biet-danh-cho-nguoi-yeu-nam
Title: Đặt biệt danh cho người yêu nam

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/tren-tinh-ban-duoi-tinh-yeu-la-gi/
Title: Trên tình bạn dưới tình yêu là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/gai-con-trinh/
Title: Gái còn trinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/dau-hieu-uong-thuoc-tranh-thai-khan-cap-thanh-cong
Title: Dấu hiệu uống thuốc tránh thai khẩn cấp thành công

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/que-thu-rung-trung
Title: Que thử rụng trứng

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/mang-trinh-la-gi
Title: Màng trinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/biet-danh-cho-nguoi-yeu
Title: Biệt danh cho ny

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tay-vet-mau-kinh-nguyet-tren-quan-ao
Title: Cách Tẩy Vết Máu Kinh Nguyệt Trên Quần Áo

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/khi-hu-mau-nau-sau-ky-kinh-nguyet-1-tuan
Title: Khí hư màu nâu sau kỳ kinh nguyệt 1 tuần

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/roi-loan-kinh-nguyet-sau-khi-ngung-thuoc-tranh-thai
Title: Rối loạn kinh nguyệt sau khi ngừng thuốc tránh thai

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/uong-thuoc-tranh-thai-khan-cap-bi-tre-kinh-phai-lam-sao
Title: Uống thuốc tránh thai khẩn cấp bị trễ kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/biet-danh-cho-nguoi-yeu-bang-tieng-han
Title: Biệt danh cho người yêu bằng tiếng hàn

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/biet-danh-hay-cho-minh
Title: Biệt danh hay cho mình

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tinh-ngay-rung-trung-rung-trung-la-gi-va-8-bieu-hien-rung-trung
Title: Ngày rụng trứng là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/gan-toi-ngay-kinh-nguyet-quan-he-co-sao-khong
Title: Gần tới ngày kinh nguyệt quan hệ có sao không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/tre-kinh-bao-lau-thi-co-thai
Title: Trễ kinh bao lâu thì có thai

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/tre-kinh-bao-nhieu-ngay-la-binh-thuong
Title: Trễ kinh bao nhiêu ngày là bình thường

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/cach-bat-chuyen-voi-crush
Title: Cách bắt chuyện với crush

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/que-thu-thai-1-vach
Title: Que thử thai 1 vạch

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/kinh-nguyet-ra-nhieu-cuc-mau-dong-co-binh-thuong
Title: Kinh nguyệt ra nhiều cục máu đông

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/hickey-la-gi
Title: Hickey là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/ve-sinh-vung-kin-dung-cach-voi-bi-quyet-dan-gian
Title: Cách Vệ Sinh Vùng Kín Đúng Cách

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/crush-la-gi
Title: Crush là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/dau-la-loai-thuoc-tranh-thai-khong-tang-can
Title: Các loại thuốc tránh thai không tăng cân

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/suy-giam-noi-tiet-to-nu-la-gi
Title: Suy giảm nội tiết tố nữ là gì?

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/quan-he-khi-co-kinh-nguyet-ngay-cuoi-co-thai-khong
Title: Quan hệ khi có kinh nguyệt ngày cuối

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/mau-mau-kinh-nguyet-the-nao-la-binh-thuong
Title: Màu sắc máu kinh nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/ra-huyet-trang-bao-lau-co-kinh
Title: Ra huyết trắng bao lâu có kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/xem-boi-kinh-nguyet
Title: Bói kinh nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/4-cach-chua-benh-luy-tinh
Title: Lụy tình là gì?

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/thuoc-tranh-thai-khan-cap-120h-va-nhung-dieu-can-biet
Title: Thuốc tránh thai khẩn cấp 120h

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/hieu-dung-ve-mang-trinh-va-dau-hieu-mat-trinh
Title: Mất trình là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/dau-hieu-mang-thai
Title: Dấu hiệu mang thai

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/bang-hoang-truoc-tam-su-tham-kin-cua-phu-nu
Title: Tâm sự thầm kín chuyện phòng the

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/hon-moi-co-bau-hay-khong
Title: Hôn môi có bầu không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tinh-ngay-rung-trung
Title: Cách tính ngày rụng trứng

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/dung-tampon-co-boi-duoc-khong
Title: Dùng tampon có bơi được không

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/chu-ky-kinh-nguyet
Title: Chu kỳ kinh nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/dau-nhu-hoa-truoc-ky-kinh-nguyet
Title: Đau nhũ hoa trước kỳ kinh nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/uong-nuoc-ngai-cuu-dieu-hoa-kinh-nguyet
Title: Uống Ngải Cứu Điều Hoà Kinh Nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tranh-thai-theo-chu-ky-kinh-nguyet
Title: Cách tránh thai theo chu kỳ kinh nguyệt

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tinh-ngay-rung-trung-cho-chu-ki-kinh-nguyet-35-40-ngay
Title: Chu kỳ kinh nguyệt 35 40 ngày

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/kinh-nguyet-mau-den
Title: Kinh nguyệt màu đen

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/progesterone
Title: Progesterone là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/thuoc-giam-dau-bung-kinh
Title: Thuốc giảm đau bụng kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/rong-kinh-la-gi
Title: Rong kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/giai-dap-ve-kinh-nguyet-khong-deu
Title: Kinh nguyệt không đều

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/bi-tre-kinh-uong-gi-cho-ra-mau
Title: Bị trễ kinh uống gì cho máu ra

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/uong-cao-ich-mau-bao-lau-co-kinh
Title: Uống cao ích mẫu bao lâu thì có kinh

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cao-ich-mau-co-tac-dung-gi-co-nen-uong-cao-ich-mau-khi-co-kinh
Title: Cao ích mẫu có tác dụng gì?

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/phan-biet-co-kinh-tre-va-mang-thai
Title: Sự khác nhau giữa chậm kinh và mang thai

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/het-kinh-10-ngay-lai-ra-mau-nau
Title: Hết kinh 10 ngày lại ra máu nâu

Search URL Search Domain Scan URL

URL: https://reviewdep247.blogspot.com/search/label/Eucerin
Title: Chăm sóc da

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/nan-mun-xong-nen-lam-gi
Title: Nặn mụn xong nên làm gì

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-boc
Title: Cách trị mụn bọc

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-dau-den-o-mui
Title: Mụn đầu đen ở mũi

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-boc-o-mui
Title: Mụn bọc ở mũi

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/mun-boc-o-cam
Title: Mụn bọc ở cằm

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-mu
Title: Cách trị mụn mủ

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cach-tri-seo-ro
Title: Cách trị sẹo rỗ

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-an-duoi-da
Title: Cách trị mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-tri-mun-dau-trang
Title: Cách trị mụn đầu trắng

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cac-buoc-skincare-cho-da-mun
Title: Các bước chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/tinh-chat-trang-da
Title: Tinh chất trắng da

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cach-cham-soc-da-mun
Title: Cách chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/da-bi-mun-trung-ca/cham-soc-da-dau-mun
Title: Chăm sóc da mụn

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/serum-tri-nam-tan-nhang-tot-nhat-hien-nay
Title: Serum trị nám tàn nhang tốt nhất hiện nay

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/cach-tri-nam-tot-nhat-hien-nay
Title: Cách trị nám tốt nhất hiện nay

Search URL Search Domain Scan URL

URL: https://www.eucerin.vn/van-de-cua-da/nam-da/nguyen-nhan-gay-nam-da
Title: Nguyên nhân gây nám da

Search URL Search Domain Scan URL

URL: https://reviewdep247.blogspot.com/2022/05/quy-trinh-cac-buoc-skincare-cho-da-dau.html
Title: EUCERIN

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/
Title: VITAClinic

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cac-loai-mun
Title: Các loại mụn

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/chia-se-kinh-nghiem-lam-hong-vung-kin
Title: Làm hồng cô bé

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/detox-la-gi
Title: Detox là gì

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/6-phuong-phap-giam-beo-mat-than-toc-trong-5-ngay-ma-ban-khong-the-bo-lo
Title: Cách giảm mỡ mặt

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/cach-tri-tham-mat
Title: Cách trị thâm mắt

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tai-tao-da
Title: Tái tạo da

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/bha-la-gi
Title: BHA là gì

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/nhung-benh-khong-nen-uong-collagen
Title: Những bệnh không nên uống collagen

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tham-my-vien-tphcm
Title: Các thẩm mỹ viện uy tín tại TPHCM

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/spa-cham-soc-da-mat-cho-nam
Title: Spa chăm sóc da mặt cho nam

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/tri-nam-o-dau-tot-tphcm
Title: Trị nám ở đâu tốt TP.HCM

Search URL Search Domain Scan URL

URL: https://vitaclinic.vn/vi/blog/mot-qua-tao-chua-bao-nhieu-calo
Title: Một quả táo chứa bao nhiêu calo

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be
Title: Chăm sóc bé

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/san-pham
Title: Tã dán, Bỉm dán Huggies

Search URL Search Domain Scan URL

URL: https://chamsocmevabekhoemanh.blogspot.com/2022/06/bang-chieu-cao-can-nang-cua-con-trai.html
Title: Bảng chiều cao cân nặng của bé trai

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/tam-ca-nguyet-dau-tien/du-doan-gioi-tinh-cua-be/du-doan-gioi-tinh-thai-nhi-qua-dau-hieu-om-nghen
Title: Dự đoán giới tính thai nhi

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cham-soc-suc-khoe-cho-be/cac-tuan-khung-hoang-cua-be-hay-wonder-week-cua-tre-me-da-biet
Title: Tuần khủng hoảng Wonder Week

Search URL Search Domain Scan URL

URL: https://bomevabe123.blogspot.com/2022/05/dau-hieu-sap-sinh-ma-bo-me-can-luu-y.html
Title: Dấu hiệu sắp sinh

Search URL Search Domain Scan URL

URL: https://bomevabe123.blogspot.com/2022/05/tre-so-sinh.html
Title: Cách chăm sóc trẻ sơ sinh

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/thuc-pham-va-thuc-an-cho-be/thuc-don-an-dam-cho-tre-6-thang-tuoi
Title: Thực đơn ăn dặm cho bé 6 tháng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/thuc-pham-va-thuc-an-cho-be/thuc-don-an-dam-cho-be-5-thang-tuoi
Title: Thực đơn ăn dặm cho bé 5 tháng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/cham-soc-be/cac-su-kien-quan-trong-cua-be/su-phat-trien-cua-be/tre-may-thang-moc-rang-dau-hieu-tre-moc-rang
Title: Trẻ mấy tháng mọc răng

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/thai-nhi-theo-tuan/bang-can-nang-thai-nhi-theo-tuan
Title: Bảng cân nặng thai nhi theo tuần

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/mat-trinh-o-nam-gioi
Title: Mất trinh ở nam giới

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/co-the-ban-gai/mat-trinh-o-tuoi-15
Title: Mất trinh ở tuổi 15

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tinh-sinh-con-trai
Title: Cách tính sinh con trai năm 2023 chuẩn xác

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/cap-tha-thinh
Title: Cap Thả Thính 2023

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/si-tinh-la-gi
Title: Si tình là gì

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/biet-danh-tieng-anh-hay-cho-nu
Title: Biệt danh tiếng anh hay cho nữ

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/biet-danh-cho-ban-than
Title: Biệt danh cho bạn thân

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/nhung-cau-noi-hay-ve-tinh-yeu
Title: Tổng Hợp Những Câu Nói Hay Về Tình Yêu

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/tinh-yeu--gioi-tinh/yeu-don-phuong-la-gi
Title: Yêu Đơn Phương Là Gì

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/dat-ten-con-trai-nam-2023
Title: Đặt tên con trai năm 2023

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/dat-ten-con-gai-sinh-nam-2023
Title: Đặt tên con gái sinh năm 2023

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/cach-tinh-sinh-con-gai
Title: Cách tính sinh con gái

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/ten-duoc-yeu-thich/ten-be-gai
Title: 3000 Tên con gái hay

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/dat-ten-cho-be/ten-duoc-yeu-thich/ten-be-trai
Title: 3000 Tên con trai hay

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/het-kinh-bao-nhieu-ngay-thi-rung-trung
Title: Hết kinh bao nhiêu ngày thì rụng trứng

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/que-thu-thai
Title: Cách đọc que thử thai

Search URL Search Domain Scan URL

URL: https://www.kotex.com.vn/cam-nang-ban-gai/chu-ky/que-thu-thai-2-vach
Title: Que thử thai 2 vạch

Search URL Search Domain Scan URL

URL: https://www.huggies.com.vn/mang-thai/cham-soc-trong-thai-ky/quan-he-tinh-duc-khi-mang-thai/mang-thai-3-thang-dau-co-duoc-quan-he-khong
Title: Bầu 3 tháng đầu quan hệ được không

Search URL Search Domain Scan URL

URL: http://vitaclinic.vn/
Title: Website: http://vitaclinic.vn/

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=237%20Kh%C3%A1nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%205,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 237 Khánh Hội, Phường 5, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=49%20Nguy%E1%BB%85n%20H%E1%BB%AFu%20H%C3%A0o,%20Ph%C6%B0%E1%BB%9Dng%209,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 49 Nguyễn Hữu Hào, Phường 9, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=740,%20%C4%90o%C3%A0n%20V%C4%83n%20B%C6%A1,%20Ph%C6%B0%E1%BB%9Dng%2016,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20Ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 740, Đoàn Văn Bơ, Phường 16, Quận 4, Thành Phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=S%E1%BB%91%20008%20Chung%20C%C6%B0%20T%C3%A2n%20V%C4%A9nh,%20S%E1%BB%91%2010C,%20Ph%C6%B0%E1%BB%9Dng%206,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: Số 008 Chung Cư Tân Vĩnh, Số 10C, Phường 6, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=188A%20X%C3%B3m%20Chi%E1%BA%BFu,%20Ph%C6%B0%E1%BB%9Dng%2014,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 188A Xóm Chiếu, Phường 14, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=62%20%C4%90.%20V%C4%A9nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%204,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 62 Đ. Vĩnh Hội, Phường 4, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=276%20Kh%C3%A1nh%20H%E1%BB%99i,%20Ph%C6%B0%E1%BB%9Dng%205,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 276 Khánh Hội, Phường 5, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=10%20V%C4%A9nh%20Kh%C3%A1nh,%20Ph%C6%B0%E1%BB%9Dng%2010,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 10 Vĩnh Khánh, Phường 10, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=101%20T%C3%A2n%20V%C4%A9nh,%20Ph%C6%B0%E1%BB%9Dng%206,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 101 Tân Vĩnh, Phường 6, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=134/131%20%C4%90o%C3%A0n%20V%C4%83n%20B%C6%A1,%20Ph%C6%B0%E1%BB%9Dng%209,%20Qu%E1%BA%ADn%204,%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh
Title: 134/131 Đoàn Văn Bơ, Phường 9, Quận 4, Thành phố Hồ Chí Minh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://healthcare247.asia/ HTTP 301
http://vncare.net/ HTTP 301
https://vncare.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBXxXvCjspw-rmjR-KkcJgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKD8p3HFDg_nCvUr4mObDM0&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1MDQzMDk5MzMyNDI0NjIwNw%3D%3D

Request Chain 87

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL HTTP 301
https://tpc.googlesyndication.com/simgad/4553853186076129233

Request Chain 107

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA6ilya-bCJaahp4GBIBK3I&google_cver=1&google_push=Aa02lx8iLqb3943eVr2Ip7ZLpwfK6DO8jm_Um5kds6gTsR0q7O23IY1L14GNMDeUpGbVAmVX-gfMQx-M0P1DpIigZcKMXUi0KnBDxW5XNWmsmTT0p8wZSfE_WYqWzEqqkRYeernn2Rt6twQWcQbhCU9x9MhX1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc2MDM0MzI4NjIyNzYwMTc3Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1

Request Chain 108

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p1qmbCcVLi-zk0BhQOHEtlpa86dlbW2K_BBq5-4K3-3_sCXVZZ2MRcIBmJi7RenQC6Yo8RM-_U9dHfskLws60NaT6rwnMeqnOnl4JV4fc8UAqDPlc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p1qmbCcVLi-zk0BhQOHEtlpa86dlbW2K_BBq5-4K3-3_sCXVZZ2MRcIBmJi7RenQC6Yo8RM-_U9dHfskLws60NaT6rwnMeqnOnl4JV4fc8UAqDPlc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVlXYnRiNmcxUERBODc1&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p1qmbCcVLi-zk0BhQOHEtlpa86dlbW2K_BBq5-4K3-3_sCXVZZ2MRcIBmJi7RenQC6Yo8RM-_U9dHfskLws60NaT6rwnMeqnOnl4JV4fc8UAqDPlc

Request Chain 109

https://um.simpli.fi/gp_match?google_gid=CAESEBF4VehzXEyhQLpXNrq4tOw&google_cver=1&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkwprcObrXE5WgaYezeLO6rdAQK110_suW-QIC9yarB8iB6rUKcH3kU8wgWkJnhII776DaBlVAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEAB1D33BDF44B7BBB44CD431B10FA88&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkwprcObrXE5WgaYezeLO6rdAQK110_suW-QIC9yarB8iB6rUKcH3kU8wgWkJnhII776DaBlVAw

Request Chain 110

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsr6SduN5zGfV8wXd9HFfE&google_cver=1&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKRPxIuiLpLftR2ITtgFcifPaUx9oTaBVy-EDz_jdfuxRhSPAsLHoAMrLViTeKVTPrTJ-q37f53ntjiAhA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsr6SduN5zGfV8wXd9HFfE&google_cver=1&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKRPxIuiLpLftR2ITtgFcifPaUx9oTaBVy-EDz_jdfuxRhSPAsLHoAMrLViTeKVTPrTJ-q37f53ntjiAhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NTk0NTUyNzU2NjA4Nzc2OA&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKRPxIuiLpLftR2ITtgFcifPaUx9oTaBVy-EDz_jdfuxRhSPAsLHoAMrLViTeKVTPrTJ-q37f53ntjiAhA

Request Chain 111

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPo7iJoUbiyadHMTpFZVByY&google_cver=1&google_push=Aa02lx-5JYc50X4lKFsmBcDmml5E6Q_zmtKMi3EV_ZFP6n2Mxs6Tk7m2jiORRDGYAs7Ei1niZt13oxIeu4kIJlAO071hknGCVFx8VnBxJvVe3SHwgKk3q0YXAn7anMe08KySS74GgcB7D3ec6dseaJtzQqc7bw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPo7iJoUbiyadHMTpFZVByY&google_cver=1&google_push=Aa02lx-5JYc50X4lKFsmBcDmml5E6Q_zmtKMi3EV_ZFP6n2Mxs6Tk7m2jiORRDGYAs7Ei1niZt13oxIeu4kIJlAO071hknGCVFx8VnBxJvVe3SHwgKk3q0YXAn7anMe08KySS74GgcB7D3ec6dseaJtzQqc7bw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-5JYc50X4lKFsmBcDmml5E6Q_zmtKMi3EV_ZFP6n2Mxs6Tk7m2jiORRDGYAs7Ei1niZt13oxIeu4kIJlAO071hknGCVFx8VnBxJvVe3SHwgKk3q0YXAn7anMe08KySS74GgcB7D3ec6dseaJtzQqc7bw

Request Chain 112

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpvPzWVG74lwYDKdBxWaoI&google_cver=1&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2FJ_4_shzXBhWaGZqsWRTdVLmfalCUxtARY_yWAyBZbXtkHkceNdufdP2nqiQKeP7TRy9oJOKuB73FrmPw5l9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSVjgtMTYtMk9JNQ==&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2FJ_4_shzXBhWaGZqsWRTdVLmfalCUxtARY_yWAyBZbXtkHkceNdufdP2nqiQKeP7TRy9oJOKuB73FrmPw5l9M

Request Chain 113

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_cver=1&google_push=Aa02lx946WXEqF06k4e_voN5sORHaPDsUTA3546jH8B_7Og5swOSrDTmicPCjVRT6ZUpDhooyQC_f7XvRsk0tyQs6urRw1NDXBgJXon6hrdNoRKi0G1hLcmh3ds5p47OLWntLKrf0fbfKuQkBqbOFN6Ozw2nQiY HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx946WXEqF06k4e_voN5sORHaPDsUTA3546jH8B_7Og5swOSrDTmicPCjVRT6ZUpDhooyQC_f7XvRsk0tyQs6urRw1NDXBgJXon6hrdNoRKi0G1hLcmh3ds5p47OLWntLKrf0fbfKuQkBqbOFN6Ozw2nQiY

Request Chain 139

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1&google_push=Aa02lx-P7SLpJu57DTe5O5TzqaZsb9QQbJoDZ85hZNR7zZGF9JBuWPh2OPviqJ4ilKqsdEwjjcP81q06eD-yj3LHdSzgMjR9ERPbqhIP53q1wK9leiIC4QZ4FCm-OXIT94eXRfR5dTBEENHUV7WpqBZJ8vDuHi8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc2MDM0MzI4NjIyNzYwMTc3Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHwsOS_EJl3zKupw65sVYsY&google_cver=1

Request Chain 140

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH6awNPdH8lWWhl8GGNUZME&google_cver=1&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vjlMdtPerXTa0UcI4xLhhBubALIDDk13hgUDxXi6Ssov1LbbcCYsc7oB5zzbxFK3uDC3gbxg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vjlMdtPerXTa0UcI4xLhhBubALIDDk13hgUDxXi6Ssov1LbbcCYsc7oB5zzbxFK3uDC3gbxg

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBKQw3K8fXPy0etXfTIgRyY&google_cver=1&google_push=Aa02lx-BfVBTi3wJ6vgeVWhVxUEZS6v-fzqYZvOBZeEnurd8ZCy2iHGo67ewkVbagz-TsDRzb8W-zkl1XyVffYms-wLrYZm_2nlkqZxRUityl4EsWwqbm8s4TFAXa5oeRMERu2erG3KNuykoP1rDCijNuCS1uMU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBKQw3K8fXPy0etXfTIgRyY&google_push=Aa02lx-BfVBTi3wJ6vgeVWhVxUEZS6v-fzqYZvOBZeEnurd8ZCy2iHGo67ewkVbagz-TsDRzb8W-zkl1XyVffYms-wLrYZm_2nlkqZxRUityl4EsWwqbm8s4TFAXa5oeRMERu2erG3KNuykoP1rDCijNuCS1uMU

Request Chain 144

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBL2GnwynsrZ8XYB5KIa0-I&google_cver=1&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA6Lfo_6xJlE8_hJfStvMGaJTU8aQmSD12vkqYmztxR1H24JIC30GDFjACDSkgNfsu-p8q4Sb2TAXj6K0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA6Lfo_6xJlE8_hJfStvMGaJTU8aQmSD12vkqYmztxR1H24JIC30GDFjACDSkgNfsu-p8q4Sb2TAXj6K0A

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPUBV2-K0OL0472K7HypMmI&google_cver=1&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2AAWNckXnQJIOEh1gXiL_aS7IU_CuMMWpzn-QM6mvQTVosFX_Vebrcm0dDJSyNbGsaJRxVVhPB4FztOu-oOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSWVEtQS1LU0hS&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2AAWNckXnQJIOEh1gXiL_aS7IU_CuMMWpzn-QM6mvQTVosFX_Vebrcm0dDJSyNbGsaJRxVVhPB4FztOu-oOg

Request Chain 155

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELvjAPCc90yiU9MxHo6SbGM&google_cver=1&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34VilMLmY5dcHR456vw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3lRkFfFfQACgmwKS_lVNiA&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34VilMLmY5dcHR456vw

Request Chain 157

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2lmXk_CPWYjGajazKidIw&google_cver=1&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ssGN6CNLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ssGN6CNLw&google_hm=eS1tWWdQb3hCRTJwRmlUU2poN21weXFCNjRFMDZ2ckZhT35B

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFqcQjEnVTflH5F3du0QQK0&google_cver=1&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8cj18NDIpLQCcNubuWBsTIHdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8cj18NDIpLQCcNubuWBsTIHdA

Request Chain 159

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFHWktzENpFrKigLxYKwox0&google_cver=1&google_push=Aa02lx8fAwbOgh5FPwMjm58Je9itMXO45Dpj-C3KZ1b4EJOmMWicdLd6phRzpcMdVvzmRPSMKXx2WjPaBg7mil64rUBGOznsT3twGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fAwbOgh5FPwMjm58Je9itMXO45Dpj-C3KZ1b4EJOmMWicdLd6phRzpcMdVvzmRPSMKXx2WjPaBg7mil64rUBGOznsT3twGw

Request Chain 160

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_cver=1&google_push=Aa02lx_TYu-aORt0GKPwd_sqkrzkis1Dmzfs_UM5ovN0MCUs519T9kEWdUfiCRsimE1Agwj_11TxxYfYj7n1Me_-05_RD6XxS1N97Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx_TYu-aORt0GKPwd_sqkrzkis1Dmzfs_UM5ovN0MCUs519T9kEWdUfiCRsimE1Agwj_11TxxYfYj7n1Me_-05_RD6XxS1N97Q

Request Chain 172

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&RedC=c.clarity.ms&MXFR=313393FEA5926A362D6A8126A192640B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&MUID=20654D544E5260FF2AA75F8C4F526122

174 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
vncare.net/
Redirect Chain

https://healthcare247.asia/
http://vncare.net/
https://vncare.net/

290 KB
25 KB

2528ms
2092ms

Document
text/html

103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx / PHP/8.0.8RC1
Resource Hash: 54c851c871992798d1f48674a01f6c182125a80fb67ec8abc1e777de5681adae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Mar 2023 17:14:01 GMT
Keep-Alive: timeout=60
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 18 Mar 2023 17:14:01 GMT
Keep-Alive: timeout=60
Location: https://vncare.net/
Server: nginx

GET
H/1.1 200
OK bootstrap.min.css
vncare.net/assets/css/ 152 KB
23 KB 311ms
276ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/bootstrap.min.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-2606e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-health.css
vncare.net/assets/css/ 69 KB
13 KB 569ms
242ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/fontawesome-health.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1151e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.flexdatalist.min.css
vncare.net/assets/css/ 2 KB
1 KB 630ms
209ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/jquery.flexdatalist.min.css
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 588a98c5d700038bc5528578f20210806bd6cd2120193f14241c58badbfe7e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-74d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.css
vncare.net/assets/css/ 269 KB
35 KB 926ms
484ms Stylesheet
text/css 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/css/main.css?ver=1.5.3
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: ff6b89f29d4ba3d9f62a868f6735294942e07d9730ba38fd2ba70f77b3d58fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 04:18:54 GMT
Server: nginx
ETag: W/"61022c2e-4337d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 81ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:04 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 32ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3938605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10491
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2qhL9HbXdfWaRPq2s2Bn4oyY9lJO9acu7Fli6JA6Rzwe9Q4%2B2L6t1ofOr3tdt%2B31q5u8Di7dh30Y%2BS%2BFgJ6r0bLQ60IMuk%2FCGjvtcaZF0%2B7ElU2R89tsl1ulmmf9CR6V69GoHXPvMwJrMsZz0gjdc50"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a9f1c1eda2c3835-FRA
expires: Thu, 07 Mar 2024 17:14:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
48 KB 102ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f68d6ee8946bb5f58fd6f6182c56bf320f9f0da1ffa2ec6ad5041e496cc6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48860
x-xss-protection: 0
server: cafe
etag: 10621417225394353884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 100ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155281519-2

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7ae8d90295fac643f1a8f4b0f687d62f052f902a75261898f826355c31f6373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44658
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 17:14:05 GMT

GET
H/1.1 200
OK logo.jpg
vncare.net/assets/images/ 61 KB
62 KB 257ms
251ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/assets/images/logo.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7611c948d6e3081c934a24046221a11dc812a5394405eb0680f8f7e75f174670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Last-Modified: Mon, 19 Jul 2021 06:31:14 GMT
Server: nginx
ETag: "60f51c32-f571"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 62833
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
vncare.net/assets/js/ 85 KB
30 KB 424ms
424ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
vncare.net/assets/js/ 11 KB
4 KB 220ms
220ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery-migrate.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-2c9d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.bundle.js Show response
vncare.net/assets/js/ 218 KB
47 KB 273ms
273ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/bootstrap.bundle.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-366bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.flexdatalist.min.js Show response
vncare.net/assets/js/ 23 KB
8 KB 249ms
248ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/jquery.flexdatalist.min.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: e6c5d9c776a3337cab158f0cc40633c067389097c0b70e97037f87e8f6bcb3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-5ca8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
vncare.net/assets/js/ 7 KB
2 KB 250ms
249ms Script
application/javascript 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/js/main.js
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: c65682c02e2f09d4b9b564cc342181a511e87b9112e50136c4037be2d0ac81a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: W/"60f4dd10-1af8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
47 KB 105ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRTTQPL

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

877f4c8daa424d4ab0b08f3a4560accf2b9e7535c8fbd8f20a85819fe4f09c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47525
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 17:14:05 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 22ms
12ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2214876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWNpq4RG8Y41gyzfcO8RaQ2JJiVcIsSgaFlph2jiZX88MYqhHAIiXzfZdJvPImlZmrMNdt0D6Sd9IRLGyj8YOdJMkmjy%2FW8uUdHurr6vOaecdSmR8yYkq%2FvMVpFP6Va0kAnuQPe6MhNqmAUX6X3U5XjN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a9f1c25cc023667-FRA
expires: Thu, 07 Mar 2024 17:14:05 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 32ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3722946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13548
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhJxLYoSKqJJAnBwDTtgVtuEmXYANSt6JLtJ9pvlRCFVN6Zb%2FcNoo1xk9zyMAwqvZjSGDDJb%2BoAPi%2Fe0qnPZTxa8w7FjmUq19F7lwDcYtd9NdV9Ya%2BpHGBV%2FiOzqthzjxxHFM55m%2BkopDgCPfRJp39iS"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a9f1c25cc063667-FRA
expires: Thu, 07 Mar 2024 17:14:05 GMT

GET
H2 200 logo_mobi.png
thammyviengangwhoo.vn/wp-content/uploads/2018/12/ 13 KB
13 KB 1715ms
226ms Image
image/png 103.138.88.36
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thammyviengangwhoo.vn/wp-content/uploads/2018/12/logo_mobi.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.88.36 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed / PleskLin
Resource Hash: 0acd000b7821ba7535d7d3100e28d42e005dde81f5240da18ba0164444d75dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:04 GMT
last-modified: Wed, 27 Oct 2021 04:07:38 GMT
server: LiteSpeed
etag: "33f5-6178d08a-7eee3b208f694cb6;;;"
x-powered-by: PleskLin
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13301
expires: Sat, 25 Mar 2023 17:14:04 GMT

GET
H2 200 logo-xme-khong-nen.png
xmebeauty.com/wp-content/uploads/2022/07/ 29 KB
29 KB 1737ms
480ms Image
image/webp 103.138.88.65
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xmebeauty.com/wp-content/uploads/2022/07/logo-xme-khong-nen.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.138.88.65 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 129e8fc930f2868133ba648df1b39a8ec00c55f0f20214aade81a544d94df1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:04 GMT
last-modified: Sat, 13 Aug 2022 08:40:20 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29726
expires: Sun, 17 Mar 2024 17:14:04 GMT

GET
H2 200 logo.png
theme.hstatic.net/200000531009/1000882964/14/ 10 KB
11 KB 261ms
232ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000531009/1000882964/14/logo.png?v=820
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ff863713a2af74627cc821ca8d650eeaff248d4bd9594a59ced297f074c58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJIV0FHR6H3:00000235
cf-polished: origFmt=png, origSize=25842
x-envoy-upstream-service-time: 25
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10672
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 Jul 2022 15:16:11 GMT
server: cloudflare
etag: "5831232486c4d636894cc180ad0e7a22"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a9f1c262999bbf1-FRA
expires: Thu, 11 Aug 2022 03:36:55 GMT

GET
H2 200 LOGO-3D-PNG-01.png
angelbeauty.com.vn/wp-content/uploads/2022/06/ 824 KB
824 KB 2117ms
269ms Image
image/png 103.77.162.8
SUPERDATA-AS-VN S...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelbeauty.com.vn/wp-content/uploads/2022/06/LOGO-3D-PNG-01.png
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.77.162.8 , Viet Nam, ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN),
Reverse DNS: alia.thonetvander.vn
Software: LiteSpeed /
Resource Hash: 6d58df06c903006249c8598d9604d36dd77edded7da7fa4f429d699bf367b9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
last-modified: Fri, 24 Jun 2022 10:31:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 843325
expires: Sat, 25 Mar 2023 17:14:07 GMT

GET
H/1.1 200
OK kem-chong-nang-pho-rong-la-gi.jpg
vncare.net/tin-tuc/wp-content/uploads/2023/03/ 96 KB
96 KB 501ms
500ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2023/03/kem-chong-nang-pho-rong-la-gi.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 6a5b5c119e29baff98f1cce6f2b309113093c38245dc23665417663cfdd94f78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:05 GMT
Last-Modified: Thu, 09 Mar 2023 08:56:36 GMT
Server: nginx
ETag: "64099f44-18059"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 98393
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Nie%CC%82%CC%80ng-ra%CC%86ng-gia%CC%81-bao-nhie%CC%82u-tie%CC%82%CC%80n-4.jpeg
vncare.net/tin-tuc/wp-content/uploads/2022/10/ 46 KB
46 KB 734ms
531ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2022/10/Nie%CC%82%CC%80ng-ra%CC%86ng-gia%CC%81-bao-nhie%CC%82u-tie%CC%82%CC%80n-4.jpeg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 7cc56d258c6f121c54e07c3e797d1c41da07418e8a2fc69336d18ff6bf52a8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:05 GMT
Last-Modified: Sun, 02 Oct 2022 07:03:59 GMT
Server: nginx
ETag: "633937df-b7c4"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 47044
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1.jpg
vncare.net/tin-tuc/wp-content/uploads/2020/02/ 25 KB
25 KB 226ms
226ms Image
image/jpeg 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vncare.net/tin-tuc/wp-content/uploads/2020/02/1.jpg
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: afec36c7fafe144cf9764838c9a4b904620574aa3ff0e916463cbc9a48d02d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:05 GMT
Last-Modified: Mon, 03 Feb 2020 04:32:59 GMT
Server: nginx
ETag: "5e37a27b-6388"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 25480
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
vncare.net/assets/webfonts/ 74 KB
75 KB 439ms
300ms Font
font/woff2 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/webfonts/fa-solid-900.woff2
Requested by: Host: vncare.net
URL: https://vncare.net/assets/css/fontawesome-health.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://vncare.net/assets/css/fontawesome-health.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:05 GMT
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: "60f4dd10-12934"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 76084

GET
H/1.1 200
OK fa-regular-400.woff2
vncare.net/assets/webfonts/ 13 KB
14 KB 516ms
337ms Font
font/woff2 103.229.193.244
VIETNAMHOST-AS-VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://vncare.net/assets/webfonts/fa-regular-400.woff2
Requested by: Host: vncare.net
URL: https://vncare.net/assets/css/fontawesome-health.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.193.244 , Viet Nam, ASN131404 (VIETNAMHOST-AS-VN Masters Technology Corporation, VN),
Reverse DNS: static.vietnamhost.com.vn
Software: nginx /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer: https://vncare.net/assets/css/fontawesome-health.css
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 17:14:05 GMT
Last-Modified: Mon, 19 Jul 2021 02:01:52 GMT
Server: nginx
ETag: "60f4dd10-3508"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 13576

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155281519-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 16:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3032
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Mar 2023 18:23:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 125ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5581868270899806&plah=vncare.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80f1cecbad040ee9fc9bf1963b7f9aa02152262fdecbc5b949c8ad90b1baa24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119661
x-xss-protection: 0
server: cafe
etag: 9100667252572259709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 5BE3 10 KB
5 KB 47ms
12ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5581868270899806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 17:46:37 GMT
etag: 2378337311435320485
expires: Fri, 31 Mar 2023 17:46:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app.js Show response
widget.subiz.net/sbz/ 456 B
742 B 361ms
333ms Script
text/javascript 2606:4700:20::681a:c2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.subiz.net/sbz/app.js?accid=acrbglqzghjwguvnwdvo
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40138541fc2272de9c2a31faf8d18e091f6ba9e2c9398a94aa14d00797ca8372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 18 Mar 2023 13:21:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8YeOBlF7EfAMSMaHoqp2Vp%2FMiG3GczYVYmt6fm9sIYJ5UPXFvsZG7zoQ%2Fw6M7ixGNSRb4g0rWClYJc%2FZZc6K7ojbyfEV2aO0vrVqjND7edS8UbQYOxKu9LqaYhWSPo1A%2F0A5GVp%2Bhiu%2BE59nWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 7a9f1c272ea1917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 89ujuxmj9s Show response
www.clarity.ms/tag/ 992 B
1 KB 149ms
101ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/89ujuxmj9s?ref=gtm2
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c89491f2f08c259d6d26ae0069c87e1e535afa607ccfc97ca5130543c5d48a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sat, 18 Mar 2023 17:14:04 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0XfEVZAAAAAAf6AP0Wjm1TY5b2IvQ/priRlJBMzFFREdFMDkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 21ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1733466098&t=pageview&_s=1&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1079389020&gjid=391466336&cid=329108169.1679159645&tid=UA-155281519-2&_gid=230229352.1679159645&_r=1&gtm=457e33f0&z=1696897622

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 21ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1733466098&t=pageview&_s=1&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1401721836&gjid=747002170&cid=329108169.1679159645&tid=UA-155281519-1&_gid=230229352.1679159645&_r=1&_slc=1&gtm=45He33f0n81MRTTQPL&z=1176074727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-155281519-1&cid=329108169.1679159645&jid=1401721836&gjid=747002170&_gid=230229352.1679159645&_u=YEDAAUABAAAAACAAI~&z=1125780600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Mar 2023 17:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vncare.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 88ms
53ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-155281519-1&cid=329108169.1679159645&jid=1401721836&_u=YEDAAUABAAAAACAAI~&z=1596023649

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 111ms
52ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-155281519-1&cid=329108169.1679159645&jid=1401721836&_u=YEDAAUABAAAAACAAI~&z=1596023649

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b-sc/s/0.7.4/ 55 KB
19 KB 10ms
10ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b-sc/s/0.7.4/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/89ujuxmj9s?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eb26f2d6058505cd1dbe32619149aee2b11f70bcf37c34cdf5ad879c68a9abc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:04 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-azure-ref-originshield: 0vLEUZAAAAACEh8ocx6cDR6P07wwrgbn9RlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d9581e219711cd"
x-azure-ref: 0XfEVZAAAAABp4HtzuEkdSY72MDp79GFxRlJBMzFFREdFMDkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 108ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vncare.net&callback=_gfp_s_&client=ca-pub-5581868270899806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5581868270899806&plah=vncare.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5085d320c961475ad80d0b4bed8503b7683a7464e5ba33decb5ca1309e56e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 58ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 60ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F1B 125 KB
43 KB 505ms
504ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&adk=1812271804&adf=3025194257&lmt=1679159645&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fvncare.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645226&bpp=7&bdt=1280&idt=281&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=503987971305&frm=20&pv=2&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=318

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17e405ccc336e0cfb0caa886d30905f92b15b2a940d87d14f47c9f8d7932c5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43819
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:06 GMT
expires: Sat, 18 Mar 2023 17:14:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A49 116 KB
36 KB 1329ms
1328ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1679159645&rafmt=1&to=qs&pwprc=7526812580&format=1200x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645233&bpp=2&bdt=1288&idt=318&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=00XUbRfuUA&p=https%3A//vncare.net&dtd=321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dc5094e239c09741b54bd7c4c8293788f47bc93eb32125f6566c181adfbd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:06 GMT
expires: Sat, 18 Mar 2023 17:14:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
290 B 286ms
95ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b-sc/s/0.7.4/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 18 Mar 2023 17:14:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET totalDonate
payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/ 0
0

GET
H2 200 186c9849f9c.app.js Show response
vcdn.subiz-cdn.com/widget-v4/public/ 106 KB
35 KB 1891ms
223ms Script
application/javascript 118.69.83.90
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://vcdn.subiz-cdn.com/widget-v4/public/186c9849f9c.app.js

Requested by

Host: widget.subiz.net
URL: https://widget.subiz.net/sbz/app.js?accid=acrbglqzghjwguvnwdvo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

118.69.83.90 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

Resource Hash

413bd49c9dd4a296c91f2c9b9a7d20b4a445009cc66bab483e5c81f9dc44cd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=946080000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
via: 1.1 google
content-encoding: gzip
x-content-type-options: nosniff
x-https-rewrite: false
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-guploader-uploadid: ADPycdsf37Ihv-kY9o1IqeCrNU2ksEhYRe6j0_16CTJLVv8TRKG4Omox5QK13_Zmoc-ABo8-iZDu3DczRmjCTFUb5CGGIA
x-html-optimize: true
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-cache-version: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Fri, 10 Mar 2023 03:16:14 GMT
x-js-min: true
x-goog-generation: 1678418174263901
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=1e7Wpw==, md5=ccrlqFPLmIk7Qwb2AgSCrw==
access-control-expose-headers: Content-Type
cache-control: max-age=946080000
content-type: application/javascript
x-goog-stored-content-length: 34447
x-request-time: 0.000
x-css-min: true
expires: Sat, 09 Mar 2024 03:16:42 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
290 B 389ms
283ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b-sc/s/0.7.4/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 18 Mar 2023 17:14:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1733466098&t=event&ni=1&_s=2&dl=https%3A%2F%2Fvncare.net%2F&ul=en-us&de=UTF-8&dt=VNCARE%3A%20T%C3%ACm%20B%E1%BB%87nh%20Vi%E1%BB%87n%2C%20Ph%C3%B2ng%20Kh%C3%A1m%2C%20Nh%C3%A0%20Thu%E1%BB%91c%2C%20Tin%20T%E1%BB%A9c%20S%E1%BB%A9c%20Kho%E1%BA%BB%2CCOVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1fjaxlz&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=329108169.1679159645&tid=UA-155281519-1&_gid=230229352.1679159645&gtm=45He33f0n81MRTTQPL&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F89ujuxmj9s%2Fc6v4ee%2F1fjaxlz&z=1359021373

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 23:51:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 149 KB
51 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a20c6fbe03fa36da39897cd6e9a51af012676f93b8e7143ea1f527040da212bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52109
x-xss-protection: 0
server: cafe
etag: 14672767504749863988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D56 111 KB
38 KB 786ms
785ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4021405283&pi=t.aa~a.2129858836~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280&nras=3&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=St7qye3u5E&p=https%3A//vncare.net&dtd=68

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2aed82546af48175742a982e5873727f334364951c29ca07f4743efd54cab0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38715
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:06 GMT
expires: Sat, 18 Mar 2023 17:14:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7308 112 KB
38 KB 874ms
874ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8d97dedf4c4ab5ca59ae96d6fb6187cb2c7073b35ce0f5c584b350ac2d28630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:07 GMT
expires: Sat, 18 Mar 2023 17:14:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D01A 113 KB
38 KB 1002ms
1002ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd379dbdf191e59252cee4383f0388edf1ed09a1adf334cdc26ac56db4283cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38531
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:07 GMT
expires: Sat, 18 Mar 2023 17:14:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vncare.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 1A83 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 23:43:37 GMT
etag: 2378337311435320485
expires: Fri, 31 Mar 2023 23:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F510 624 B
246 B 54ms
53ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYnYrW4QEwAQ&v=APEucNW3ob5B6effSpQSrewlaWsIG6AMuYc23Tp55J2UOBQMV3Wnol2V0EQPUZOe6bLzTYoHjbh1mD7Bi0sTTIY-tK9sYVU6Xkd92tVnIEoei4MNDiB3uuM8oj9_t87_bCWAdMws7dBoVGCnYqSyzkw2ANcij42V0ZSaL8FIXPgAkIEtwoF_MK4

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:06 GMT
expires: Sat, 18 Mar 2023 17:14:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 9A6E 22 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:18:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame 9A6E 7 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c884d0fa4ce72b3abf613a4b373bee64b6d65e9e888a4dfb80126f393e37621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3014
x-xss-protection: 0
server: cafe
etag: 9808071744210312579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:18:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A6E 0
0 137ms
50ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv031I3ufpdIwT4Vn9T0pKuNjQoezIz70Zj0HTTHkLvwNVasNu_Or0HN621ta3NqZ8UFwGJ7XVJaLOZglqsIdJCpMSFAYw-_gONOcoGsjt-J8Cg9LF_WHqPfVYf5tU3LyNKtDwTX_qEZotYboDGz_DGR5j2e6UgL7oJ3UJWsUo-Gu5CIgYTBgUQSuICie_vlgpG7ff2KF4iAroN3rKQPRLlSFcRIClC12ifFPLyDglIsyzNNbrPPdVgJpMRqfqouhw8A6GCtfMoV-pCRsPFSRr4iL_9NfYbaceItW6D-yezPKjo-u3x2_SO2uB9fhSxiLeTQ8zNs4imNkyXrOhuZi5u2Haam1R8QpUgwxzTdmxVUG6AX7OOLVj_ErN26ET9knyKERDYsPkwzboYG9hSRE3oZZohj7vG8qrWzj91veWOyqAE5t36AJXkkyo4ua5-72MULnunEoYEHUitOB4jY1jstqd5k7O5iE76UefrTVr_I_gJwWWJflPSxosWwUGurH7meX-1rZnlT31oB3wyWkH62MM317LwBl9Z6vwZXmQmzCLo5xJVWJRjVqSqDqKA3EnaPJf0Gb9vWMPwFn3fB451nbFm7BoUt9PSLBBtDOP9XRbGQ4pSpQBPEJLeL97P4Yk_CDxffvEbJmFt9k0zc29sEFJg9kj5n91C1QOF4yqte2wdrV_2Og_r8ffy0rwL7rxE9bjBUVP2rcS7sbYZ82CzPxIVyG8hCWufmD-qWZG2DqMo7LdmFmJq3zEv3JHjHVdbHWouEPtr9Tci0CdGHQOchziFxVE0pig0JTI6STthMOpBYBUoTN931GzXIQGlLgTw1Vd1KomxxYjVRGE0nq-lGvCPLZiNysRtnINULPWHHNXGXpdEGM6vCJEW7bp_fMA-YDvNmeI9vQl0cGU8r32b0d8_tdyR7umvOWMybYyhQPEYJ9MfGG1HUFT6vYwSCIse2AVXcG1PmOYwCZLm6iyrjW9cfm9P5fe307SkPnsZ7jrG0WdvcFID3JfGSVYzQxyuQQFzGBqY_w3y1ul11zcj_z9n24ArPkPQvUptVMZKwPzASjJSIr1RUnPNrsSLZp5Efb2cEfmddDP5x4r8Oj0zNzAeETxilc7NXcHpyDLzjQRlUwElkQx15Wm1kekTpFbt4FCPQh7qHvn0kPosB2EgJmpswdPwGvNgMlt-Av6lNIZi5tfgVx5C1CafPrd7617br0MCIiX7Uyfls6duJkXF7xjQz4HTcA&sai=AMfl-YRB9tXtrMMOkiKA3Z_gFnJqROjlrtGHHdReUoE7v5sTqxJu4B1auA6kn-_Chw2wPCc-W8qRz1s5r2S-YUiCGV8oEewKqyCxzI0SqPau19wFgtobjuO76vVYA24A1Fi0jLO_NE9PATqxtESZ2hJSxQQXPPDkhLFHmMsxcTOo6Vm4SronaE-5BaECzeMH7filKjxmoeGCRerlNEIeYJhbC4GfPUUtfhue_Uk2QPIRdAM&sig=Cg0ArKJSzD8xvcEEHA9ZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230315.37658&arae=0&ftch=1&adurl=

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A6E 41 KB
15 KB 82ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 06:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 06:47:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9A6E 3 KB
1 KB 93ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 15:43:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9A6E 20 KB
9 KB 75ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A6E 158 KB
49 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A6E 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMDvB8rkHfRZ99eD58wxpAUfHOnowMZcCbrZGRqjgONfRMtmuCFBjnqei16bpfBUpiQkOze5_3taw4xG0x2ii6radCCEBrbpKeQ9qK7wDD5M0gKuA

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2562466465139333265
s0.2mdn.net/simgad/ Frame 9A6E 63 KB
63 KB 94ms
24ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2562466465139333265?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qmURssJqQEsm0cCyMm9pGSG-RSq0A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2100209ed8009fc15b32f3f3241eb23e2df6346416df07a872e01ddf236719a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:45:29 GMT
x-content-type-options: nosniff
age: 466117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64118
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 09:21:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Mar 2024 07:45:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F510
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1

43 B
766 B

11ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYnYrW4QEwAQ&v=APEucNW3ob5B6effSpQSrewlaWsIG6AMuYc23Tp55J2UOBQMV3Wnol2V0EQPUZOe6bLzTYoHjbh1mD7Bi0sTTIY-tK9sYVU6Xkd92tVnIEoei4MNDiB3uuM8oj9_t87_bCWAdMws7dBoVGCnYqSyzkw2ANcij42V0ZSaL8FIXPgAkIEtwoF_MK4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F510
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBXxXvCjspw-rmjR-KkcJgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYnYrW4QEwAQ&v=APEucNW3ob5B6effSpQSrewlaWsIG6AMuYc23Tp55J2UOBQMV3Wnol2V0EQPUZOe6bLzTYoHjbh1mD7Bi0sTTIY-tK9sYVU6Xkd92tVnIEoei4MNDiB3uuM8oj9_t87_bCWAdMws7dBoVGCnYqSyzkw2ANcij42V0ZSaL8FIXPgAkIEtwoF_MK4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNrCYSAO_zsYNTUwQM4GfE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F510
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKD8p3HFDg_nCvUr4mObDM0&google_cver=1

43 B
1 KB

37ms
12ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKD8p3HFDg_nCvUr4mObDM0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYnYrW4QEwAQ&v=APEucNW3ob5B6effSpQSrewlaWsIG6AMuYc23Tp55J2UOBQMV3Wnol2V0EQPUZOe6bLzTYoHjbh1mD7Bi0sTTIY-tK9sYVU6Xkd92tVnIEoei4MNDiB3uuM8oj9_t87_bCWAdMws7dBoVGCnYqSyzkw2ANcij42V0ZSaL8FIXPgAkIEtwoF_MK4

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:06 GMT
AN-X-Request-Uuid: a4caa87e-1f11-430e-82d0-c98a16ffb887
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKD8p3HFDg_nCvUr4mObDM0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F510
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1MDQzMDk5MzMyNDI0NjIwNw%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1MDQzMDk5MzMyNDI0NjIwNw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 18 Mar 2023 17:14:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 35849235-8566-48d4-af72-0437162de4a7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1MDQzMDk5MzMyNDI0NjIwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9A6E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be52ee22f73cce933c15418cd6657156980db80a354fbafee8e42443e03a2e66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA21 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 08:31:22 GMT
expires: Sun, 17 Mar 2024 08:31:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A6E 0
0 50ms
49ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv031I3ufpdIwT4Vn9T0pKuNjQoezIz70Zj0HTTHkLvwNVasNu_Or0HN621ta3NqZ8UFwGJ7XVJaLOZglqsIdJCpMSFAYw-_gONOcoGsjt-J8Cg9LF_WHqPfVYf5tU3LyNKtDwTX_qEZotYboDGz_DGR5j2e6UgL7oJ3UJWsUo-Gu5CIgYTBgUQSuICie_vlgpG7ff2KF4iAroN3rKQPRLlSFcRIClC12ifFPLyDglIsyzNNbrPPdVgJpMRqfqouhw8A6GCtfMoV-pCRsPFSRr4iL_9NfYbaceItW6D-yezPKjo-u3x2_SO2uB9fhSxiLeTQ8zNs4imNkyXrOhuZi5u2Haam1R8QpUgwxzTdmxVUG6AX7OOLVj_ErN26ET9knyKERDYsPkwzboYG9hSRE3oZZohj7vG8qrWzj91veWOyqAE5t36AJXkkyo4ua5-72MULnunEoYEHUitOB4jY1jstqd5k7O5iE76UefrTVr_I_gJwWWJflPSxosWwUGurH7meX-1rZnlT31oB3wyWkH62MM317LwBl9Z6vwZXmQmzCLo5xJVWJRjVqSqDqKA3EnaPJf0Gb9vWMPwFn3fB451nbFm7BoUt9PSLBBtDOP9XRbGQ4pSpQBPEJLeL97P4Yk_CDxffvEbJmFt9k0zc29sEFJg9kj5n91C1QOF4yqte2wdrV_2Og_r8ffy0rwL7rxE9bjBUVP2rcS7sbYZ82CzPxIVyG8hCWufmD-qWZG2DqMo7LdmFmJq3zEv3JHjHVdbHWouEPtr9Tci0CdGHQOchziFxVE0pig0JTI6STthMOpBYBUoTN931GzXIQGlLgTw1Vd1KomxxYjVRGE0nq-lGvCPLZiNysRtnINULPWHHNXGXpdEGM6vCJEW7bp_fMA-YDvNmeI9vQl0cGU8r32b0d8_tdyR7umvOWMybYyhQPEYJ9MfGG1HUFT6vYwSCIse2AVXcG1PmOYwCZLm6iyrjW9cfm9P5fe307SkPnsZ7jrG0WdvcFID3JfGSVYzQxyuQQFzGBqY_w3y1ul11zcj_z9n24ArPkPQvUptVMZKwPzASjJSIr1RUnPNrsSLZp5Efb2cEfmddDP5x4r8Oj0zNzAeETxilc7NXcHpyDLzjQRlUwElkQx15Wm1kekTpFbt4FCPQh7qHvn0kPosB2EgJmpswdPwGvNgMlt-Av6lNIZi5tfgVx5C1CafPrd7617br0MCIiX7Uyfls6duJkXF7xjQz4HTcA&sai=AMfl-YRB9tXtrMMOkiKA3Z_gFnJqROjlrtGHHdReUoE7v5sTqxJu4B1auA6kn-_Chw2wPCc-W8qRz1s5r2S-YUiCGV8oEewKqyCxzI0SqPau19wFgtobjuO76vVYA24A1Fi0jLO_NE9PATqxtESZ2hJSxQQXPPDkhLFHmMsxcTOo6Vm4SronaE-5BaECzeMH7filKjxmoeGCRerlNEIeYJhbC4GfPUUtfhue_Uk2QPIRdAM&sig=Cg0ArKJSzD8xvcEEHA9ZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=162&dett=2&cstd=0&cisv=r20230315.37658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame AA21 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA21 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrtkgXfEVZLTXJ9OU_tMPjcCcqAoAAAAAOAHgBAI&bg=!5-Sl5LDNAAZEjmHWZI47ADkAdvg8WqrQQQ8ufokph4_qHKBuWbkKl72qKwM3JPdOOdl9O-vbMndbGbeASYOehQ8ykehjm3ILLXMCAAAAUFIAAAACaAEHCgBxIPXublqh_ly4cA7tfkKB1MdBevA840StbjGP8WOC4UKfBHEdH0d3tkDuldaf7k_K8lq_0R3IqLXdIH88jnmV-Rf5fym34bXq-qbB1SKM5RrQpXlAJb4Hc3zLig7z5pOrytPwCydVsdgtETQLLzKKpmuZAv61XiNIJYRJYjj8XzlVpescX7GHwCA0VUSldK_xsUTmosHg9PVzl8eLNBkWbOxl0YkHeKbyIIgfBZRe98MsVS6k0vk9cPCwpfJeg9YQZFVSMJssuJUgK2jOvR4br8wt0lhYzu6wpOUNDb6iZGL4u6ZvkXdYnxePGePwOGbjiuV1v4BuMnx9ODMAEPqGhCu-LDi98VLGzAf-RaAkCFeVfP3jAyY5dKSyAK3mCgxK-o2HnctNx2kk7In5l8mSdSxKlo3Lfmi4U-8s6tN_aVBrBe4Kw-fA7zG40koeY9NHKlakNRvKnizB1HRc5k_-OxMew9RMEQBQPxHbMI_L8OSJlzKqz0hefcLEwdr3ft8XOtq-yAnEjY0psvTIoF0QGLDIRl1twFexQx_hOZ27Gc7ZwilcNcBjp3-_UBrClNYdC-9Q3dJMRazPWVhJN0a4bh_s9jMjex0FoVuz3gWxSYTKH0rbfcW_flzJ7V3Pbio_77k1PDArJ5IncQvO0_dLpVtIC4I8bXHhcJJT6yNituibYWleydfvjKyLJCYD-awNweLSd9wENoN7rMwEsQXD4dbFoMfxs6CM5t6Lt_YwaRHQgZFwDQw9E79-Y-p2ckc1VPIt1eDVuN_D2ywdgihHz-pr41we8AT8s6iCu4L49IOml-Y7eSWtV8_hMngfCavTe2pviUMU3jDTLBDn6nNXOz1_6G3fCX_Cj_V3AvQAv7RqIc_-Ck5MhQq2p_aNlQ6ni1BmdGo2LgdHRZjZcmzsCxopPoQJjNQ6ujE7NJ13nNRmqWsLGdq9xBxZJbqKGycfOlR7oD5mr38EPPC8J28swCtFhdaifdw7nia6gbxgNMWTNqi2ygSHvZZJD9ZdejCqymtLaqDyRyBNynR4X4HQMYG0c3zJBekR7BQ_hUb71VTFo0Ih4XD2kCdS6Xt5vkrSLibL2y6qnXeyLiXZ64-Q-DicCFi5VLkZdVaDogmtUPPdkFi7AIKnydABHJXtJAJc9pORtmHjYtgTzLC1YI3C_3Dh

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9A49 3 KB
697 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1679159645&rafmt=1&to=qs&pwprc=7526812580&format=1200x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645233&bpp=2&bdt=1288&idt=318&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=00XUbRfuUA&p=https%3A//vncare.net&dtd=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 16:53:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9A49 2 KB
765 B 14ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 9A49 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9A49 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:48:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:48:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9A49 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A49 158 KB
48 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 9A49 34 KB
15 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A49 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUzdDXfEVZLTvJ4rYiQPWi5SwAdOcoMhv2-OotYgRzIKaiIE5EAEgpafvHmCVgoCAlAegAdWU_scDyAEJqQLVYLTSw-axPqgDAcgDywSqBMMBT9BRwEmO0fwlP07dveWgTlXlXlw1HoSJO8SiYqcJfBYKJ7QP2FiGtnXNSctzMmyOY1hmmv_-a23GBphMmTtHS2LX4fbhfsLjayL_rpQ5xA7B-j5T15MTAhQ_r8HoaFix_RIeGlSEHG15ejFnYSlfRQqPudtVFNRJYcP8OcqYpH9Gcnc6_ps1PeCzb_PMcLAlRt_vgmWMRqu4KamRFYZfM8cFYwNiBuTobtIYmcJVonNsoiT0LF9Q7Z7UOI7QndPtXeTawASo1sy_uwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvL-pLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCvlU3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTgxODY4MjcwODk5ODA2GAA&sigh=4JHAgIY8NVM&uach_m=[UACH]&cid=CAQSGwDUE5ymu8CqCCMZkL6MgMH-IkZcPT849gnovBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1679159645&rafmt=1&to=qs&pwprc=7526812580&format=1200x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159645233&bpp=2&bdt=1288&idt=318&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=00XUbRfuUA&p=https%3A//vncare.net&dtd=321
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 15980587133838268089_4299825674745671682.gif
static.doubleclick.net/dynamic/5/406967202/ Frame 9A49 9 KB
10 KB 63ms
14ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406967202/15980587133838268089_4299825674745671682.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d41bfd3e3971548af0d936242a1d0026888e28c646012582e7db51a6eb64aeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:28:39 GMT
x-content-type-options: nosniff
age: 92727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 20:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 15:28:39 GMT

GET
H2 200 13372870694007249478_17272480755893488685.jpeg
static.doubleclick.net/dynamic/5/406967202/ Frame 9A49 2 KB
2 KB 65ms
16ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406967202/13372870694007249478_17272480755893488685.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62dcd25ba816407976bcc0b1fdf63240a032a455df7342291833f3fcefdb1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:48:07 GMT
x-content-type-options: nosniff
age: 23159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2419
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 07:00:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:48:07 GMT

GET
H2 200 15326621709459363929_1458034032630047022.png
static.doubleclick.net/dynamic/5/406967202/ Frame 9A49 2 KB
2 KB 66ms
18ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406967202/15326621709459363929_1458034032630047022.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3036fe08ec69f1cd410b8d4ccef07e48a44e927d7d73a17c9d208dd8912664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 05:55:18 GMT
x-content-type-options: nosniff
age: 40728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2319
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 18:52:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 05:55:18 GMT

GET
H2 200 15463464187161005552_4294711120515021443.gif
static.doubleclick.net/dynamic/5/406967202/ Frame 9A49 2 KB
3 KB 65ms
17ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406967202/15463464187161005552_4294711120515021443.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

970212837b98c1e25dcb2c7b62362af2617e20ebc2ef4c6936404d8efdb4fae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 13:48:03 GMT
x-content-type-options: nosniff
age: 12363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2482
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 01:14:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:48:03 GMT

GET
H3

200

4553853186076129233
tpc.googlesyndication.com/simgad/ Frame 9A49
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL
https://tpc.googlesyndication.com/simgad/4553853186076129233

64 KB
64 KB

15ms
14ms

Image
image/jpeg

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4553853186076129233

Requested by

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 23:06:59 GMT
x-content-type-options: nosniff
age: 151627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65821
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 12:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Mar 2024 23:06:59 GMT

Redirect headers

date: Sat, 18 Mar 2023 17:04:21 GMT
x-content-type-options: nosniff
server: cafe
age: 585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4553853186076129233
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Apr 2023 17:04:21 GMT

GET
DATA 200
OK truncated
/ Frame 9A49 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 303d1d8df78ac9797abf10bb406e0b77471335612f36402334bd61d27d8cf6da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A49 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230315&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9A49 20 KB
21 KB 48ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 92622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 15:30:25 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9A49 21 KB
21 KB 58ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:23:51 GMT
x-content-type-options: nosniff
age: 201016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 09:23:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9D56 8 KB
895 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4021405283&pi=t.aa~a.2129858836~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280&nras=3&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=St7qye3u5E&p=https%3A//vncare.net&dtd=68

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:58:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9D56 2 KB
765 B 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:12:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D56 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnsESXvEVZKS1E8Ke_tMPy_y4iAb7_Oy8X4vel-e_DP_1kOPXAhABIKWn7x5g1QWgAYDrptQDyAEJqQLVYLTSw-axPqgDAcgDywSqBMMBT9Dyb9SpUWXydfOn9XcsPrwHBZW5Ddzm_n-0SGIOw20u4y1gfikyc7yly0QGXivny8MQFFHHC3NL-CKTQ_-dIacpFeBvb-FTOWrkeJc7JnXV20QzyZirI6ZewFU0JwRCf78hoHsnuen_eTfgX9DW5qI5BEDxOYVdBYG3bB050f1WW6polafeXqccSWAapZD3gN5htcZskMUXnVl6kx-zKn9taJd8LUk2uX3ztCuZiqSePwGuFy6JzKbDFMQ_4ykI9TshwAT-s-aBkwOSBQQIBBgBkgUECAUYBKAGLoAH6JTZK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPCRB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=d7FkET2LI24&uach_m=[UACH]&cid=CAQSPADUE5ymFObAGAU-jypC-uuvisWSTD8yuui4ynTI4rhYWK0bH8iTJz90NF4gy5eTCqHfAwBjlOMO50K_RBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4021405283&pi=t.aa~a.2129858836~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280&nras=3&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=St7qye3u5E&p=https%3A//vncare.net&dtd=68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Mar 2023 17:14:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 9D56 22 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9D56 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:48:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:48:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 9D56 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:07:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9D56 0
0 22ms
21ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfcuPEkCQx_ghtpTiMRHejcusq2xxzQkJ5oNhnFBtQ7r7q9WTx-hk7xtUDTFqWbH-SrzNV_hIOZTTXa9JhBEt-CINLOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4021405283&pi=t.aa~a.2129858836~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280&nras=3&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=St7qye3u5E&p=https%3A//vncare.net&dtd=68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D56 158 KB
48 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 9D56 34 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3686182602542609584/ Frame 9D56 13 KB
13 KB 45ms
45ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3686182602542609584/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71412873b9aa34a1ca941dfc4b3b5e141caec06d52621addc053861f30dc472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13133
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:07:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 17:14:07 GMT

GET
DATA 200
OK truncated
/ Frame 9D56 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D56 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FFF8 1 KB
643 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sun, 19 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9D56 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47f41051f96af5a38ef82cf99a9f869cba2e8512d5bdb56a599a4fb0e574f5df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 31F7 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FFF8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA6ilya-bCJaahp4GBIBK3I&google_cver=1&google_push=Aa02lx8iLqb3943eVr2Ip7ZLpwfK6DO8jm_Um5kds6gTsR0q7O23IY1L14GNMDeUpGbVAmVX-gfMQx-M0P1DpIigZcKMXUi0KnBDx...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc2MDM0MzI4NjIyNzYwMTc3Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1

43 B
398 B

112ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVlXYnRiNmcxUERBODc1&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p...

170 B
188 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVlXYnRiNmcxUERBODc1&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p1qmbCcVLi-zk0BhQOHEtlpa86dlbW2K_BBq5-4K3-3_sCXVZZ2MRcIBmJi7RenQC6Yo8RM-_U9dHfskLws60NaT6rwnMeqnOnl4JV4fc8UAqDPlc

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0f98d39f03f7816e5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RVlXYnRiNmcxUERBODc1&google_gid=CAESEDRvbr5IvtWLJ74h--2xYaw&google_cver=1&google_push=Aa02lx-v0etPS1kNIQbAv-gxAamzbcISYo69k_lrGrTw21p1qmbCcVLi-zk0BhQOHEtlpa86dlbW2K_BBq5-4K3-3_sCXVZZ2MRcIBmJi7RenQC6Yo8RM-_U9dHfskLws60NaT6rwnMeqnOnl4JV4fc8UAqDPlc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBF4VehzXEyhQLpXNrq4tOw&google_cver=1&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkwprcObrXE5WgaYez...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEAB1D33BDF44B7BBB44CD431B10FA88&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkw...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEAB1D33BDF44B7BBB44CD431B10FA88&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkwprcObrXE5WgaYezeLO6rdAQK110_suW-QIC9yarB8iB6rUKcH3kU8wgWkJnhII776DaBlVAw

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 18 Mar 2023 17:14:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEAB1D33BDF44B7BBB44CD431B10FA88&google_push=Aa02lx-odsnqNlVpYSo1cHaJnET3gGmpZKFC8hll8quMl3lieKwbk1WtMVPFygBJcjY6XDYQk0nmhfBitNiDNkwprcObrXE5WgaYezeLO6rdAQK110_suW-QIC9yarB8iB6rUKcH3kU8wgWkJnhII776DaBlVAw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Mar 2023 17:14:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsr6SduN5zGfV8wXd9HFfE&google_cver=1&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsr6SduN5zGfV8wXd9HFfE&google_cver=1&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiE...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NTk0NTUyNzU2NjA4Nzc2OA&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjv...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NTk0NTUyNzU2NjA4Nzc2OA&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKRPxIuiLpLftR2ITtgFcifPaUx9oTaBVy-EDz_jdfuxRhSPAsLHoAMrLViTeKVTPrTJ-q37f53ntjiAhA

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NTk0NTUyNzU2NjA4Nzc2OA&google_push=Aa02lx_00uoAEFR7_g5pz5kMvdQUPDWjfu6y9L2XXiQ3Y_c4zlT8bopjHXUtDkAgF4LxX_GsjiERjvKRPxIuiLpLftR2ITtgFcifPaUx9oTaBVy-EDz_jdfuxRhSPAsLHoAMrLViTeKVTPrTJ-q37f53ntjiAhA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-5JYc50X4lKFsmBcDmml5E6Q_zmtKMi3EV_ZFP6n2Mxs6Tk7m2jiORRDGYAs7Ei1niZt13oxIeu4kIJlAO071hknGCVFx8VnBxJvVe3SHwgKk3q0YXAn7anMe08KySS74GgcB7D3ec6dseaJtzQqc7bw

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-5JYc50X4lKFsmBcDmml5E6Q_zmtKMi3EV_ZFP6n2Mxs6Tk7m2jiORRDGYAs7Ei1niZt13oxIeu4kIJlAO071hknGCVFx8VnBxJvVe3SHwgKk3q0YXAn7anMe08KySS74GgcB7D3ec6dseaJtzQqc7bw
date: Sat, 18 Mar 2023 17:14:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpvPzWVG74lwYDKdBxWaoI&google_cver=1&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2F...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSVjgtMTYtMk9JNQ==&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2FJ_4_shzXBhWaGZqsWRTdVLmfal...

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSVjgtMTYtMk9JNQ==&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2FJ_4_shzXBhWaGZqsWRTdVLmfalCUxtARY_yWAyBZbXtkHkceNdufdP2nqiQKeP7TRy9oJOKuB73FrmPw5l9M

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSVjgtMTYtMk9JNQ==&google_push=Aa02lx_l1Sod2C3hVfqSR5gougi5DX9nOdseDETJKfYA4lb4cFw1IMwvnbNttJXZkQ3sTuB-k2FJ_4_shzXBhWaGZqsWRTdVLmfalCUxtARY_yWAyBZbXtkHkceNdufdP2nqiQKeP7TRy9oJOKuB73FrmPw5l9M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FFF8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx946WXEqF06k4e_voN5sORHaPDsUTA35...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx946WXEqF06k4e_voN5sORHaPDsUTA3546jH8B_7Og5swOSrDTmicPCjVRT6ZUpDhooyQC_f7XvRsk0tyQs6urRw1NDXBgJXon6hrdNoRKi0G1hLcmh3ds5p47OLWntLKrf0fbfKuQkBqbOFN6Ozw2nQiY

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELKOpFBuFVjjY-iFiA1qX8s&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx946WXEqF06k4e_voN5sORHaPDsUTA3546jH8B_7Og5swOSrDTmicPCjVRT6ZUpDhooyQC_f7XvRsk0tyQs6urRw1NDXBgJXon6hrdNoRKi0G1hLcmh3ds5p47OLWntLKrf0fbfKuQkBqbOFN6Ozw2nQiY
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FFF8 0
12 B 23ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9iotedmzXzbLzvSJW1rvDcJSgs7YBSgB3lTf-uVzdKvIYACpw50l26bk7_dbJ3zKCSFpt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9D56 28 KB
28 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:13:15 GMT
x-content-type-options: nosniff
age: 52
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 17:13:15 GMT

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5806 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7308 8 KB
895 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 16:22:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7308 2 KB
765 B 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 7308 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7308 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:48:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:48:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7308 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:07:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7308 158 KB
48 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H3 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 7308 34 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 20:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 20:00:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 20:21:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7308 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqoTVXvEVZISiE5fEiwPewIzgBPmWn_lt78Tll54RneXs38EBEAEgpafvHmCVgoCAlAegAbj2lIEpyAEJqQLVYLTSw-axPqgDAcgDywSqBN0BT9CTsjGN0HTTJCLK9Y7KqQ6ckj4Pc0-XlrITd9XsyBJ9Wl6gM730duxaJvnvkWMLEf__DpougaPlErWXnwWD1mCEEkAOdbxpkIO7zl83qWkfvzzs4z56VFn2Pl8gwk1a5MNGTqm1SHGKKh2Zg4SQR2PzkMxQ8DaHmUVzJKFMZ1fe2OX6jY6I0rCnay-TXx92-URuG5z289IlqnSKJdsyBB3jkuYoLQ9EZY3wnm8596536gmOf-y5GvBo-iut9lFZfPpDU-bx2r_CPF2oB6rSjCZKjW1xSDu9csl0PPPABNmk2qefBJIFBAgEGAGSBQQIBRgEoAYugAe4ruXgA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ_VD9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU1ODE4NjgyNzA4OTk4MDYYAA&sigh=mt0lzI12zLE&uach_m=[UACH]&cid=CAQSPADUE5ym6yDQP_455vsyxM3u0xdqmMyndW9JdFf-suHG8gu4EncMmJP0TsUlArfW2UnQBxCzNc4Yg8DC9xgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Mar 2023 17:14:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6503400932018379269/ Frame 7308 28 KB
28 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6503400932018379269/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a95141ae78e1b5f3d8a28ccd2c6e57f08c32f1b6ebc76ab2cec2ad0e9f0f6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 12:00:13 GMT
x-content-type-options: nosniff
age: 18834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28603
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 08:57:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 12:00:13 GMT

GET
DATA 200
OK truncated
/ Frame 7308 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7308 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0689 1 KB
643 B 13ms
12ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sun, 19 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7308 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e49fc3931afbacf1d3d9dd739df6fad1e85757b96d5f457de757ab36d6083c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D01A 8 KB
895 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:47:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D01A 2 KB
765 B 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame D01A 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D01A 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 16:48:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:48:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D01A 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 18:07:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D01A 0
0 22ms
21ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM7QGwUtfQ1Z11ra-87MUEyxDzLAZxyCeEHOI14p04YiMitO3yocsAPIApLyE-CdgFI5zvMflACxH3CJnVzXb-XsClJQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D01A 158 KB
48 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame D01A 34 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D01A 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu2GqXvEVZN6pE46U_tMPhL2VwAXOp-C5b8XnjbCLEczHmqb9CBABIKWn7x5glYKAgJQHoAGwuqHXA8gBCakC1WC00sPmsT6oAwHIA8sEqgTDAU_QPq44vzjIyZ9qy5qJbGwtqV7JMMnjneXeHJwQSbY2BFdDEkqEoPo9E7fnRsp-QXzIq4W_RHw9Jg5hkNKPtdnnNhDEkOp1z0qHywTAb0IT-QzeIU9-dCKOqtwdtfdiVfn-bCnDPyCpz1UwZhfUrq6mHePEJx3XmqR7Hlylh7NXogdkgpQpYfNwWOFW64832takpYQwRgxRQStgahh1DpBRb5XygW3jAxaGU40PWBad6zngSeqKfH13YQCoTW6qoHk_w8AE0e326KwEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC3-QvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01NTgxODY4MjcwODk5ODA2GAA&sigh=UOXM7u-L0fo&uach_m=[UACH]&cid=CAQSPADUE5ymzS3A0LGauW-8C7sNtmFJad4nFGR_Kv_lvdYW-lfzG-1FvtjOvSFLPsNfys6nFhWKRO5jPiaGbRgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Mar 2023 17:14:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0689
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKKlWMCnYV-QHmvhANeHLx4&google_cver=1&google_push=Aa02lx-P7SLpJu57DTe5O5TzqaZsb9QQbJoDZ85hZNR7zZGF9JBuWPh2OPviqJ4ilKqsdEwjjcP81q06eD-yj3LHdSzgMjR9ERPbq...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc2MDM0MzI4NjIyNzYwMTc3Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHwsOS_EJl3zKupw65sVYsY&google_cver=1

43 B
398 B

42ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHwsOS_EJl3zKupw65sVYsY&google_cver=1
Requested by: Host: vncare.net
URL: https://vncare.net/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHwsOS_EJl3zKupw65sVYsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0689
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH6awNPdH8lWWhl8GGNUZME&google_cver=1&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vjlMdtPerXTa0UcI4xLhhBubALIDDk13...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vjlMdtPerXTa0UcI4xLhhBubALIDDk13hgUDxXi6Ssov1LbbcCYsc7oB5zzbxFK3uDC3gbxg

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 18 Mar 2023 17:14:07 GMT
Server: MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8CssIi_7P3kYvC6eSLJeQSe3lgL7TT3hGRqqevoT71EGhKxJzmGH-oP5O-eAs-5mUVP3brv-g3kUB9t0vjlMdtPerXTa0UcI4xLhhBubALIDDk13hgUDxXi6Ssov1LbbcCYsc7oB5zzbxFK3uDC3gbxg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0689
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBKQw3K8fXPy0etXfTIgRyY&google_push=Aa02lx-BfVBTi3wJ6vgeVWhVxUEZS6v-fzqYZvOBZeEnurd8ZCy2iHGo67...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBKQw3K8fXPy0etXfTIgRyY&google_push=Aa02lx-BfVBTi3wJ6vgeVWhVxUEZS6v-fzqYZvOBZeEnurd8ZCy2iHGo67ewkVbagz-TsDRzb8W-zkl1XyVffYms-wLrYZm_2nlkqZxRUityl4EsWwqbm8s4TFAXa5oeRMERu2erG3KNuykoP1rDCijNuCS1uMU

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1679159647.297921,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBKQw3K8fXPy0etXfTIgRyY&google_push=Aa02lx-BfVBTi3wJ6vgeVWhVxUEZS6v-fzqYZvOBZeEnurd8ZCy2iHGo67ewkVbagz-TsDRzb8W-zkl1XyVffYms-wLrYZm_2nlkqZxRUityl4EsWwqbm8s4TFAXa5oeRMERu2erG3KNuykoP1rDCijNuCS1uMU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0689 70 B
265 B 105ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM6n_nuCEH9UbqV3id-m9dQ&google_cver=1&google_push=Aa02lx_dnCzIY7IBdpqQyW2zb4KJq3tDHLf-RznibIlHIHUXmAQI4M2WY3U7UncOJd-B0EJWWFqcxlQDxF5LarmXb4Jffh4UuO4vt3MYCXeJ7E2K3iMU7y6bkKwicJu-q7SrTVhMlYDnX5Jbenu9xU2m6OvSgw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0689 0
191 B 59ms
12ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHNHtfh91yUhzcNpibtnJ0I&google_cver=1&google_push=Aa02lx8zewD9pcgXLRM2zId2HkNSPPfeyRsrOa1oKm6L-6H0mpcnNSS-CRTUox-Two09vw3TPo_Ypd5xUh73VfqhaZxp02TEuO-ghNBGS0beke-rFVuO_eJuHqiXwLsf-zMf_O8VH9-GRhlNB5XxbSXTFI77EFo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0689
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBL2GnwynsrZ8XYB5KIa0-I&google_cver=1&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA6L...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA...

170 B
188 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA6Lfo_6xJlE8_hJfStvMGaJTU8aQmSD12vkqYmztxR1H24JIC30GDFjACDSkgNfsu-p8q4Sb2TAXj6K0A

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_cGgzJyuNLWhlt1lLNqJg4eRdPS5IK07ok3Dg_HGuTBkIhDZtmGeJpjezfYhsl9j-i4y93SA6Lfo_6xJlE8_hJfStvMGaJTU8aQmSD12vkqYmztxR1H24JIC30GDFjACDSkgNfsu-p8q4Sb2TAXj6K0A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0689
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPUBV2-K0OL0472K7HypMmI&google_cver=1&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSWVEtQS1LU0hS&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2AAWNckXnQJIOEh1gXiL_aS7IU_CuMM...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSWVEtQS1LU0hS&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2AAWNckXnQJIOEh1gXiL_aS7IU_CuMMWpzn-QM6mvQTVosFX_Vebrcm0dDJSyNbGsaJRxVVhPB4FztOu-oOg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZFOEFSWVEtQS1LU0hS&google_push=Aa02lx9BFsK-Xx718PMrUXY8E8S9lAqoulQ2IEyOjuGuUglyvM63MUTbR7ImjuQhDfKDBD8p9B2AAWNckXnQJIOEh1gXiL_aS7IU_CuMMWpzn-QM6mvQTVosFX_Vebrcm0dDJSyNbGsaJRxVVhPB4FztOu-oOg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0689 0
12 B 24ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQf3Wk_5Xl0hAYa1OevPhXO2QocPbJJDKQeGZW6n6VEc1qHkCGElMWd10P__6_uK_tpM1b

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7308 28 KB
28 KB 20ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:13:15 GMT
x-content-type-options: nosniff
age: 52
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 17:13:15 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13950622309288459253/ Frame D01A 30 KB
30 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13950622309288459253/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fce7ce9a75b68aa492b3d14822f43fb55eeac9e3c9684960138206f1d7a79fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 19:36:17 GMT
x-content-type-options: nosniff
age: 77870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30310
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:21:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 19:36:17 GMT

GET
DATA 200
OK truncated
/ Frame D01A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D01A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 574c309a9947e14eb06f7dc515f8a3d0ab9577bcb4a01d46011948094f2173c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 60A8 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=4005583156&pi=t.aa~a.2129838750~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=2&bdt=2192&idt=-M&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280&nras=4&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xdURMkbjTf&p=https%3A//vncare.net&dtd=73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B221 1 KB
643 B 13ms
12ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sun, 19 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D01A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d9c4b019dd7347e819fff0db03390cdaa543efbfea21c11c0bcedcb6c8a8dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B221 0
104 B 128ms
26ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELapjpAV1KJF0nrOR0uW8mM&google_cver=1&google_push=Aa02lx8QX_TIpu3wqd3fLeURTwSpD7Kzsb-flTeOtASqo7wq4ir1aUAdO_QHlbG9DS2Wjdsla0Kjb-fe28L5sSF6H2IHbQ2SyzZBfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B221
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELvjAPCc90yiU9MxHo6SbGM&google_cver=1&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34Vil...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3lRkFfFfQACgmwKS_lVNiA&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34VilMLmY5dcH...

170 B
188 B

23ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3lRkFfFfQACgmwKS_lVNiA&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34VilMLmY5dcHR456vw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 18 Mar 2023 17:14:07 GMT
Server: MT3 622 a74c1f2 master zrh-pixel-x1 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3lRkFfFfQACgmwKS_lVNiA&google_push=Aa02lx-ts92P5d906GnvMYIk0rqTXkUZeASLnwL8-6CUiBKV531qOXokt2EO-teAk763HJ0l3wcMWFRhSEB34VilMLmY5dcHR456vw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 18 Mar 2023 17:14:06 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B221 70 B
264 B 34ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMr1HgEFplB7giVp7s0DVuY&google_cver=1&google_push=Aa02lx9QS-SBMf_R32d1DR1d6LGBMQSivHaGcGFMRIXqwbFrXQjTHKyZ-r0AfSoAIiNFHZb0B9DadfgI3Vov_-Z4Gk464pDJEZx4yQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B221
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2lmXk_CPWYjGajazKidIw&google_cver=1&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ss...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ssGN6CNLw&google_hm=eS1tWWdQb3hCRTJwRmlU...

170 B
188 B

23ms
22ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ssGN6CNLw&google_hm=eS1tWWdQb3hCRTJwRmlUU2poN21weXFCNjRFMDZ2ckZhT35B

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 18 Mar 2023 17:14:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9VuPI5obQD6gbRGBSSyQn4jOhqxB_V07uijRYsXPAp_64U_ZSDcUZI2HEH2C96sdMA0VliQs0L6UvmtHDdovoz5ssGN6CNLw&google_hm=eS1tWWdQb3hCRTJwRmlUU2poN21weXFCNjRFMDZ2ckZhT35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B221
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFqcQjEnVTflH5F3du0QQK0&google_cver=1&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8cj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8cj18NDIpLQCcNubuWBsTIHdA

Requested by

Host: vncare.net
URL: https://vncare.net/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzMDgyNTI2MTE1MzM5MzcyMg&google_push=Aa02lx_1YpZRXZipQ7gwpwpH6db2A_mW8jM5tmaWHI7YJn5k3UEHiLLOr1XjkI1rOXYEXOGoDWaKv8cj18NDIpLQCcNubuWBsTIHdA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B221
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fAwbOgh5FPwMjm58Je9itMXO45Dpj-C3KZ1b4EJOmMWicdLd6phRzpcMdVvzmRPSMKXx2WjPaBg7mil64rUBGOznsT3twGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i0mL5YcSSDyxsNTlzLrv3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fAwbOgh5FPwMjm58Je9itMXO45Dpj-C3KZ1b4EJOmMWicdLd6phRzpcMdVvzmRPSMKXx2WjPaBg7mil64rUBGOznsT3twGw
date: Sat, 18 Mar 2023 17:14:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B221
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx_TYu-aORt0GKPwd_sqkrzkis1Dmzfs_...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx_TYu-aORt0GKPwd_sqkrzkis1Dmzfs_UM5ovN0MCUs519T9kEWdUfiCRsimE1Agwj_11TxxYfYj7n1Me_-05_RD6XxS1N97Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 17:14:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG20B_rJGVi6Bi58rY_u8gU&google_hm=ZBXxXvCjspw_rmjR_KkcJgAABE4AAAAB&google_nid=index&google_push=Aa02lx_TYu-aORt0GKPwd_sqkrzkis1Dmzfs_UM5ovN0MCUs519T9kEWdUfiCRsimE1Agwj_11TxxYfYj7n1Me_-05_RD6XxS1N97Q
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B221 0
12 B 21ms
20ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQGjp1zv4LMFvA7sBV4-T1wbcQw387ZYGs8BmHZm8EcV0caVYgLSy013-LMShBAzHy0xcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D01A 28 KB
28 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:13:15 GMT
x-content-type-options: nosniff
age: 52
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 17:13:15 GMT

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 87DA 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5581868270899806&output=html&h=280&adk=1057542704&adf=2457907049&pi=t.aa~a.2129839751~rp.4&w=1182&fwrn=4&fwrnh=100&lmt=1679159646&rafmt=1&to=qs&pwprc=7526812580&format=1182x280&url=https%3A%2F%2Fvncare.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679159646138&bpp=1&bdt=2192&idt=1&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1855e5b79047b9e-22eaa90ed6de0076%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg&gpic=UID%3D00000bc8116a37ed%3AT%3D1679159645%3ART%3D1679159645%3AS%3DALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA&prev_fmts=0x0%2C1200x280%2C1182x280%2C1182x280&nras=5&correlator=503987971305&frm=20&pv=1&ga_vid=329108169.1679159645&ga_sid=1679159646&ga_hid=1733466098&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777876%2C31072953%2C31073058%2C31073104%2C31073106%2C44774606%2C31071261&oid=2&pvsid=2404714718596171&tmod=1800411628&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2EdjGQootg&p=https%3A//vncare.net&dtd=77

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A6E 42 B
174 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0t63M6DS_-pO8SKgDgZVh1-rk17M5abb46qh5iPTFGLhNQLphaNHTSZ6xNr1yCtRfYi6FsgiVve5xELBLcoGOgJ8uoUV0Lg77_YVhYbfrhWVmak1bYWBqerRQAuq9dyIO6NLl3w&sai=AMfl-YRBPDVrGQrinPJZdD5g9d7jCV8Ejl1jEJDVpHQ4eBVuFNcndrSvMgMP0uTP9ZynubiWQsSQ3hC73i03&sig=Cg0ArKJSzN6nYdFrECnXEAE&cid=CAQSGwDUE5ymC2ERDPKw26JHAB20c_YRn51yLIgyZBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=303,818,1000,1068,1068&tos=303,515,182,68,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679159646290&rpt=232&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
656 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Requested by

Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/186c9849f9c.app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb45186df56434cecc5dfb1e5676b85b42742d42f4606a9ebc7cf5a5538b5962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 17:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 15:16:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 17:14:07 GMT

GET
H2 400 xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Show response
api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/ 176 B
396 B 967ms
231ms XHR
application/json 35.213.167.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw
Requested by: Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/186c9849f9c.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.167.91 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 91.167.213.35.bc.googleusercontent.com
Software: /
Resource Hash: ee4318163560088d9db832bf910f6fdf2e5acbed976d60152a4cd782816df821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:08 GMT
content-encoding: gzip
via: 1.1 google
x-api-time: 7.417995ms
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vncare.net
access-control-allow-credentials: true
x-api-host: api-596cbc458c-wg5lp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:17:36 GMT
x-content-type-options: nosniff
age: 201391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 09:17:36 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 56 KB
56 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 16:31:13 GMT
x-content-type-options: nosniff
age: 175374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56968
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:29:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 16:31:13 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 8 KB
8 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4e131ca9a592d8d092e617c759bc5ac35d411a11fdf1610ba834330ab94d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vncare.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 22:49:55 GMT
x-content-type-options: nosniff
age: 498252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8640
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:53:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:49:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A49 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstl2aK1wYTv5Hd9Jk-9VEapRabtv5Sj3xZl0PLhtnqzuuuSkmvUwe9_SzKYfARnrV8FVxueTDCFWAh6gtjKhMPrllxbn73LiDlppkIp-f0N3zAUUGgZP7wQSkJ0mDcwQTJmS7vPUg&sai=AMfl-YT6dkXDo_MXza7BQ5ah2N4bMDq2q6PuZXfy28Y6oreoQxFvmAFezEHWRbQIqiPGRjW7x9O8lAqOAvwU&sig=Cg0ArKJSzNEZDX0TTV1zEAE&cid=CAQSGwDUE5ymu8CqCCMZkL6MgMH-IkZcPT849gnovBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2119092829&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679159645555&rpt=1493&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
290 B 93ms
92ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b-sc/s/0.7.4/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 18 Mar 2023 17:14:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&RedC=c.clarity.ms&MXFR=313393FEA5926A362D6A8126A192640B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&MUID=20654D544E5260FF2AA75F8C4F526122

42 B
442 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&MUID=20654D544E5260FF2AA75F8C4F526122
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:08 GMT
last-modified: Thu, 16 Mar 2023 17:16:22 GMT
server: Microsoft-IIS/10.0
etag: "c4b6d572b58d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 17:14:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE65E5E7C4DE40F6BC872036D5CAFEEE Ref B: FRAEDGE1922 Ref C: 2023-03-18T17:14:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=640D218BBD43472DABA0C72C7014C18A&MUID=20654D544E5260FF2AA75F8C4F526122
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 63ms
61ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cd9753a61522d935eb75a7f5f16a5c2f5f45112ebdc3a2855b89433093ebab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11227
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 17:14:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 716F 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 15:43:29 GMT
expires: Sun, 17 Mar 2024 15:43:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5442 783 B
536 B 24ms
24ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ed4c09cddf0304bea59f271e859b6ad494bf8869efb68b7b1a59ad3e7480811

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9KhMv5iXzivqGQMWk_7xhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vncare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9KhMv5iXzivqGQMWk_7xhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 17:14:09 GMT
expires: Sat, 18 Mar 2023 17:14:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 716F 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 10:13:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5442 0
0 59ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=2404714718596171&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 716F 0
11 B 13ms
13ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wrdGww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=2404714718596171&bg=!YGOlYzfNAAZEjmHWZI47ADkAdvg8Wp4lp4UBCsiWAmiZH7AN-cixiGNVILenW10ikFPxSoea9z90TM6ht9HYrMxXWu4bN73yw1MCAAAAVlIAAAADaAEHmQKUZAPkcPJNt8dX9GMGb30ggtHg84fsJ9t-QERSJnSB7qs-GL3FGS7TeQB_wpmbHYQlScMwGng5HQgX7LB9FEKHEiw7Fb2XHswXFzmw-6-TXQPOeMAoWtaRY4KU0ydSKbo6Gdf9q1anQWSTGyGJX4hgvdJvaNQOOv2caPBje54vNaZ7wi07r0IVPOEoCwmyr90h_WKJ2KZjD_wha4irubm7pUtsUmZ2OdmTPwVHpI__uKTpyFlM1fAuayPEtY7-KFmZ54Rg837fKI7s8coEc7u5_sACMtpWMi-qc47J1eg7ZK264PSajeS5FR0AE8DxBpxr90YcLNfSD91crVAaAJEpagLJapvKF5Pn6IbDMhCWG0UVP-NCVRZHFFVpTq1AR0WQ-M9Ku87-4ojOCTHkNVekI1KA67NBeD05ugpAq4sQij5ORUsggTER9NvYW3hlxXypooRvMyx9z81q4HqDI4fo36Sue-VjkwdLj06GRqvVTCpqMhWJjff_wrxzENMZF9z7nPejCNHuLr5Z1vItms3y9tFf_Stb8vduiMsJVx_YgI0Yvphp_JgfzdYFlBHt464TWRU5lnJZ7Biy2Pu58Mq7vO_1oUhGpYPfGIEgJksuF6S8UQP3Ym7uOUjNTAYAtMJaDtsGgUHcFuW5Yx4iP4fmsMSqnqu9715dzSX5cE_79AKYeNZHn5R3RxjXqRlfkke-WiS8A5Mmq4IA4SHFEMy4w1BgxnzNrs9Bvo_7awfz64OOacuvz352JdAcHqzY-9fe1UX3rCMcC4Qk-_Vs5VntcLjyFZPOn9RGtsVi-r2urktf-k835Q--8HAQ_1FqS9mZeAIBBcjWGu9a0dgfVH_vhm4CQZIXOlZACN3ikB6JCD7jre0v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 400 xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Show response
api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/ 176 B
228 B 219ms
218ms XHR
application/json 35.213.167.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw
Requested by: Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/186c9849f9c.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.167.91 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 91.167.213.35.bc.googleusercontent.com
Software: /
Resource Hash: ee4318163560088d9db832bf910f6fdf2e5acbed976d60152a4cd782816df821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:10 GMT
content-encoding: gzip
via: 1.1 google
x-api-time: 74.052Âµs
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vncare.net
access-control-allow-credentials: true
x-api-host: api-596cbc458c-wg5lp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
290 B 95ms
95ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b-sc/s/0.7.4/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vncare.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vncare.net
Date: Sat, 18 Mar 2023 17:14:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 400 xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Show response
api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/ 176 B
244 B 217ms
217ms XHR
application/json 35.213.167.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw
Requested by: Host: vcdn.subiz-cdn.com
URL: https://vcdn.subiz-cdn.com/widget-v4/public/186c9849f9c.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.167.91 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 91.167.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 152a21a825df81e57f5ec7f3a9cb47e30bbf5468e5a901d54613701f452a4f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vncare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:14:13 GMT
content-encoding: gzip
via: 1.1 google
x-api-time: 11.752221ms
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vncare.net
access-control-allow-credentials: true
x-api-host: api-596cbc458c-f7lzg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: payment-api.vietnamkhoemanh.vn
URL: https://payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/totalDonate

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vncare.net/	1970-01-20 10:26:06	Name: XSRF-TOKEN Value: eyJpdiI6InNsYzY5Y3MrSnByN0FXOVBGRjluVkE9PSIsInZhbHVlIjoibFlNY0lpbTlESUZiZHpnWWJmTFVCUUxDMFVNWlB5d2lncXdnemlUYkNGS0pSZ1htWk1sak9PcVFWL2l0aFlzUzR5Z2Zhd2FvNzFzY2laTTgvbDNmUy9mOHBiRmdsZ0s0VDFQNFFHSlR5cU5Qc3dST090T3ZONWhnYUtnMk10VVEiLCJtYWMiOiIxMmJkNDYxYjZmMTE2NmU5NDBmMTI0YjAwYzMxMWRlYjMyMjFjYTJiNTEyMWRhNTI5ZTE1NThkMDY3ZmI0NDUzIn0%3D
vncare.net/	1970-01-20 10:26:06	Name: laravel_session Value: eyJpdiI6ImtTcEJQbXJHUVlyVXdJTVo3Wm8rTkE9PSIsInZhbHVlIjoiZlBObWI5V1czUmZpLzU2c1Zac2V5SVZ2cXV1d1luSUtWRlZITXBBNmhKbkVkYXRZNDl5ZkFDVHdWR0cwclUrRDVWL285SEdxZWFmOEpQQ0RnWTdIVkVvTEZreXF6WkQ4MzhhVmVEZnJTUjgrV2RickFyRndnZWJvOUZ6K1ZMODciLCJtYWMiOiJjYTI4OGFkYjM0Y2ZiNmFkODliOTE1MzExNWQzMmI4Y2E4ZTEwNWY3MDg0MGU5MzY3M2E3NjRlMjJhMzc2ZmRmIn0%3D
.vncare.net/	1970-01-20 20:01:59	Name: _ga Value: GA1.2.329108169.1679159645
.vncare.net/	1970-01-20 10:27:26	Name: _gid Value: GA1.2.230229352.1679159645
.vncare.net/	1970-01-20 10:25:59	Name: _gat_gtag_UA_155281519_2 Value: 1
.vncare.net/	1970-01-20 10:25:59	Name: _gat_UA-155281519-1 Value: 1
www.clarity.ms/	1970-01-20 19:11:35	Name: CLID Value: d81976410a124d8c9cbb52c4713ceda3.20230318.20240317
.vncare.net/	1970-01-20 19:11:35	Name: _clck Value: c6v4ee\|1\|fa0\|0
.vncare.net/	1970-01-20 19:47:35	Name: __gads Value: ID=c1855e5b79047b9e-22eaa90ed6de0076:T=1679159645:RT=1679159645:S=ALNI_MZZ8jZIfRMCHWIoGLVDkEqF79RTPg
.vncare.net/	1970-01-20 19:47:35	Name: __gpi Value: UID=00000bc8116a37ed:T=1679159645:RT=1679159645:S=ALNI_MY8kwT8j0lcL3AaNHts_Ztq3u4sXA
.vncare.net/	1970-01-20 10:27:26	Name: _clsk Value: 1fjaxlz\|1679159645849\|1\|1\|q.clarity.ms/collect
.casalemedia.com/	1970-01-20 19:11:35	Name: CMID Value: ZBXxXvCjspw-rmjR-KkcJgAA
.casalemedia.com/	1970-01-20 12:35:35	Name: CMPS Value: 1102
.casalemedia.com/	1970-01-20 12:35:35	Name: CMPRO Value: 1102
.adnxs.com/	1970-01-20 12:35:35	Name: uuid2 Value: 2850430993324246207
.adnxs.com/	1970-01-20 12:35:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVNppbtt!]tbPl1M>e)ZlrFUfJ+tGXxpOQfe6'PVYvdM'KGcFX^qmN!/dsNaawmk/*^d3If)y3KL9D3I?+8[^VZv
.pubmatic.com/	1970-01-20 10:27:26	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 19:57:40	Name: wfivefivec Value: EYWbtb6g1PDA875
.simpli.fi/	1970-01-20 19:13:02	Name: suid Value: FEAB1D33BDF44B7BBB44CD431B10FA88
.w55c.net/	1970-01-20 11:09:11	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 19:11:35	Name: KADUSERCOOKIE Value: 8B498BE5-8712-483C-B1B0-D4E5CCBAEFDD
.turn.com/	1970-01-20 14:45:11	Name: uid Value: 3760343286227601777
.doubleclick.net/	1970-01-20 19:47:35	Name: IDE Value: AHWqTUlxhIQ6F2xbozUhGby5wn-SsI3WAcUk3G-d1bHS_MO1DIRNgOSf3bkG0ILw6es
.adform.net/	1970-01-20 11:10:38	Name: C Value: 1
.adform.net/	1970-01-20 11:52:23	Name: uid Value: 7130825261153393722
.mathtag.com/	1970-01-20 19:51:54	Name: uuid Value: de546415-f15f-4000-a09b-0292fe554d88
.mathtag.com/	1970-01-20 11:09:11	Name: mt_mop Value: 4:1679159648
.everesttech.net/	1970-01-20 19:11:35	Name: everest_g_v2 Value: g_surferid~ZBXxXwAAAkN30gAG
.yahoo.com/	1970-01-20 19:11:57	Name: A3 Value: d=AQABBF_xFWQCEKnSWZO8_ct1lRcwKUC5RP4FEgEBAQFCF2QfZAAAAAAA_eMAAA&S=AQAAAtEqzF1UYFi9oZEUNvkQtoc
vncare.net/	1970-01-20 20:01:59	Name: __sbref Value: xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw
.bing.com/	1970-01-20 19:47:35	Name: MUID Value: 20654D544E5260FF2AA75F8C4F526122
.c.bing.com/	1970-01-20 10:36:04	Name: MR Value: 0
.c.bing.com/	1970-01-20 19:47:35	Name: SRM_B Value: 20654D544E5260FF2AA75F8C4F526122
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 19:47:35	Name: MUID Value: 20654D544E5260FF2AA75F8C4F526122
.c.clarity.ms/	1970-01-20 10:36:04	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 10:26:00	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment-api.vietnamkhoemanh.vn/api/v1/g1donate/TransactionInfo/totalDonate Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://api.sbz.vn/4.0/accounts/acrbglqzghjwguvnwdvo/users/xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw?v=6&x-user-ref=xerlkdxytpcfuplouxemehvhqmffuhxpdvklebxw Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.de
angelbeauty.com.vn
api.sbz.vn
c.bing.com
c.clarity.ms
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
healthcare247.asia
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
payment-api.vietnamkhoemanh.vn
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
q.clarity.ms
r.turn.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
thammyviengangwhoo.vn
theme.hstatic.net
tpc.googlesyndication.com
um.simpli.fi
vcdn.subiz-cdn.com
vncare.net
widget.subiz.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xmebeauty.com
payment-api.vietnamkhoemanh.vn
103.138.88.36
103.138.88.65
103.229.192.200
103.229.193.244
103.77.162.8
118.69.83.90
142.250.181.226
142.250.185.226
151.101.194.49
18.196.198.111
185.29.132.241
185.64.189.115
185.80.39.216
185.83.142.19
20.231.53.73
2001:678:cb4:bbbb::11
2606:4700:10::ac43:ebf
2606:4700:20::681a:c2e
2606:4700::6811:180e
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c02::9b
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:5125:66ec:eae5:be30
3.33.220.150
34.91.62.186
35.213.167.91
37.157.5.142
68.219.88.97
69.173.144.165
98.98.134.242
0acd000b7821ba7535d7d3100e28d42e005dde81f5240da18ba0164444d75dcd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129e8fc930f2868133ba648df1b39a8ec00c55f0f20214aade81a544d94df1e7
152a21a825df81e57f5ec7f3a9cb47e30bbf5468e5a901d54613701f452a4f71
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
17e405ccc336e0cfb0caa886d30905f92b15b2a940d87d14f47c9f8d7932c5aa
1a3036fe08ec69f1cd410b8d4ccef07e48a44e927d7d73a17c9d208dd8912664
1d9c4b019dd7347e819fff0db03390cdaa543efbfea21c11c0bcedcb6c8a8dd9
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2dc5094e239c09741b54bd7c4c8293788f47bc93eb32125f6566c181adfbd0e5
303d1d8df78ac9797abf10bb406e0b77471335612f36402334bd61d27d8cf6da
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3ed4c09cddf0304bea59f271e859b6ad494bf8869efb68b7b1a59ad3e7480811
40138541fc2272de9c2a31faf8d18e091f6ba9e2c9398a94aa14d00797ca8372
413bd49c9dd4a296c91f2c9b9a7d20b4a445009cc66bab483e5c81f9dc44cd5f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
47f41051f96af5a38ef82cf99a9f869cba2e8512d5bdb56a599a4fb0e574f5df
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54c851c871992798d1f48674a01f6c182125a80fb67ec8abc1e777de5681adae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574c309a9947e14eb06f7dc515f8a3d0ab9577bcb4a01d46011948094f2173c4
588a98c5d700038bc5528578f20210806bd6cd2120193f14241c58badbfe7e7b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e49fc3931afbacf1d3d9dd739df6fad1e85757b96d5f457de757ab36d6083c6
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dcd25ba816407976bcc0b1fdf63240a032a455df7342291833f3fcefdb1c52
6a5b5c119e29baff98f1cce6f2b309113093c38245dc23665417663cfdd94f78
6a95141ae78e1b5f3d8a28ccd2c6e57f08c32f1b6ebc76ab2cec2ad0e9f0f6ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c884d0fa4ce72b3abf613a4b373bee64b6d65e9e888a4dfb80126f393e37621
6d58df06c903006249c8598d9604d36dd77edded7da7fa4f429d699bf367b9d0
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
71412873b9aa34a1ca941dfc4b3b5e141caec06d52621addc053861f30dc472d
7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf
7611c948d6e3081c934a24046221a11dc812a5394405eb0680f8f7e75f174670
7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7cc56d258c6f121c54e07c3e797d1c41da07418e8a2fc69336d18ff6bf52a8fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
877f4c8daa424d4ab0b08f3a4560accf2b9e7535c8fbd8f20a85819fe4f09c87
8c89491f2f08c259d6d26ae0069c87e1e535afa607ccfc97ca5130543c5d48a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
970212837b98c1e25dcb2c7b62362af2617e20ebc2ef4c6936404d8efdb4fae5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd9753a61522d935eb75a7f5f16a5c2f5f45112ebdc3a2855b89433093ebab2
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a20c6fbe03fa36da39897cd6e9a51af012676f93b8e7143ea1f527040da212bc
a2ff863713a2af74627cc821ca8d650eeaff248d4bd9594a59ced297f074c58d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
ac4e131ca9a592d8d092e617c759bc5ac35d411a11fdf1610ba834330ab94d91
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
afec36c7fafe144cf9764838c9a4b904620574aa3ff0e916463cbc9a48d02d78
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7ae8d90295fac643f1a8f4b0f687d62f052f902a75261898f826355c31f6373
bb45186df56434cecc5dfb1e5676b85b42742d42f4606a9ebc7cf5a5538b5962
be52ee22f73cce933c15418cd6657156980db80a354fbafee8e42443e03a2e66
c65682c02e2f09d4b9b564cc342181a511e87b9112e50136c4037be2d0ac81a3
c80f1cecbad040ee9fc9bf1963b7f9aa02152262fdecbc5b949c8ad90b1baa24
c8d97dedf4c4ab5ca59ae96d6fb6187cb2c7073b35ce0f5c584b350ac2d28630
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d2100209ed8009fc15b32f3f3241eb23e2df6346416df07a872e01ddf236719a
d41bfd3e3971548af0d936242a1d0026888e28c646012582e7db51a6eb64aeaf
d6f68d6ee8946bb5f58fd6f6182c56bf320f9f0da1ffa2ec6ad5041e496cc6b6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e2aed82546af48175742a982e5873727f334364951c29ca07f4743efd54cab0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5085d320c961475ad80d0b4bed8503b7683a7464e5ba33decb5ca1309e56e3a
e6c5d9c776a3337cab158f0cc40633c067389097c0b70e97037f87e8f6bcb3d0
eb26f2d6058505cd1dbe32619149aee2b11f70bcf37c34cdf5ad879c68a9abc5
ee4318163560088d9db832bf910f6fdf2e5acbed976d60152a4cd782816df821
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fce7ce9a75b68aa492b3d14822f43fb55eeac9e3c9684960138206f1d7a79fa5
fd379dbdf191e59252cee4383f0388edf1ed09a1adf334cdc26ac56db4283cab
ff6b89f29d4ba3d9f62a868f6735294942e07d9730ba38fd2ba70f77b3d58fc2

vncare.net Open in urlscan Pro 103.229.193.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

86 %HTTPS

53 %IPv6

38 Domains

50 Subdomains

38 IPs

10 Countries

3061 kBTransfer

6138 kBSize

37 Cookies

144 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vncare.net Open in urlscan Pro
103.229.193.244 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

86 %
HTTPS

53 %
IPv6

38
Domains

50
Subdomains

38
IPs

10
Countries

3061 kB
Transfer

6138 kB
Size

37
Cookies

174 HTTP transactions
11 data transactions