urlscan.io logo urlscan.io
SecurityTrails logo

owo.vn Open in urlscan Pro
2606:4700:3034::ac43:a77f  Public Scan

Go To Rescan Add Verdict Report
URL: https://owo.vn/neu-ma/
Submission: On December 28 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 7 countries across 28 domains to perform 205 HTTP transactions. The main IP is 2606:4700:3034::ac43:a77f, located in United States and belongs to CLOUDFLARENET, US. The main domain is owo.vn.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.
This is the only time owo.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
35 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 2a03:2880:f08... 32934 (FACEBOOK)
3 20.120.65.166 8075 (MICROSOFT...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
8 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 16 216.58.206.34 15169 (GOOGLE)
5 11 104.18.36.155 13335 (CLOUDFLAR...)
1 2 52.209.226.11 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.66 15169 (GOOGLE)
9 2.17.100.184 20940 (AKAMAI-ASN1)
21 217.79.188.59 24961 (MYLOC-AS ...)
2 217.79.188.46 24961 (MYLOC-AS ...)
2 2600:9000:20a... 16509 (AMAZON-02)
7 2600:1f13:800... 16509 (AMAZON-02)
1 142.250.181.230 15169 (GOOGLE)
2 217.79.188.21 24961 (MYLOC-AS ...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 46.228.164.11 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 172.104.105.5 63949 (AKAMAI-LI...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 64.74.236.95 22075 (AS-OUTBRAIN)
1 1 82.145.213.8 39832 (NO-OPERA)
205 35
11    2606:4700:3034::ac43:a77f (United States)

ASN13335 (CLOUDFLARENET, US)
owo.vn
6    2606:4700:3037::6815:267b (United States)

ASN13335 (CLOUDFLARENET, US)
uhchat.net
35    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
17    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
8    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
22    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
yt3.ggpht.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
cm.g.doubleclick.net
11    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    52.209.226.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-226-11.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
9    2.17.100.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-184.deploy.static.akamaitechnologies.com
t.6sc.co
21    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
2    2600:9000:20ab:e800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:1f13:800:7781:cd5:899e:b17a:f69d (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
2    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com
a.c.appier.net
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    2a05:d018:d29:3602:97f5:4393:5614:bb1a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
589 KB
38 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
static.doubleclick.net — Cisco Umbrella Rank: 248
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
ad.doubleclick.net — Cisco Umbrella Rank: 139
194 KB
25 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 17335
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54473
85 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
103 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
7 KB
11 owo.vn
owo.vn
467 KB
9 6sc.co
t.6sc.co — Cisco Umbrella Rank: 8332
7 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
69 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
1001 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
323 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
l.clarity.ms — Cisco Umbrella Rank: 50737
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
43 KB
6 uhchat.net
uhchat.net — Cisco Umbrella Rank: 317500
24 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
21 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
258 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
672 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
714 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 95478
684 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 8865
596 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
464 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1586
63 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
137 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
764 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 Failed
3 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
205 28
Domain Requested by
35 pagead2.googlesyndication.com owo.vn
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
21 imagesrv.adition.com googleads.g.doubleclick.net
owo.vn
imagesrv.adition.com
21 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
owo.vn
tpc.googlesyndication.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
owo.vn
www.youtube.com
16 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 owo.vn owo.vn
9 t.6sc.co
8 www.youtube.com owo.vn
www.youtube.com
7 dt.adsafeprotected.com googleads.g.doubleclick.net
7 s0.2mdn.net googleads.g.doubleclick.net
owo.vn
s0.2mdn.net
6 uhchat.net owo.vn
uhchat.net
5 www.gstatic.com googleads.g.doubleclick.net
www.youtube.com
www.gstatic.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.google.com 1 redirects tpc.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
owo.vn
3 googleads4.g.doubleclick.net owo.vn
3 fonts.gstatic.com www.youtube.com
3 l.clarity.ms www.clarity.ms
2 b1sync.zemanta.com 2 redirects
2 ad2.adfarm1.adition.com ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 ad4.adfarm1.adition.com googleads.g.doubleclick.net
ad4.adfarm1.adition.com
2 fw.adsafeprotected.com 1 redirects owo.vn
2 fonts.googleapis.com googleads.g.doubleclick.net
2 c.clarity.ms 1 redirects
2 www.clarity.ms owo.vn
www.clarity.ms
1 t.adx.opera.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 a.c.appier.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 code.createjs.com imagesrv.adition.com
1 ad.doubleclick.net googleads.g.doubleclick.net
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 c.bing.com 1 redirects
1 www.facebook.com connect.facebook.net
1 connect.facebook.net owo.vn
205 42
Subject Issuer Validity Valid
owo.vn
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
uhchat.net
E1		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-07 -
2024-01-05		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
6sc.co
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://owo.vn/neu-ma/
Frame ID: A77A1E122EB434FEBF1CE9A7D9C24D40
Requests: 41 HTTP requests in this frame

Frame: https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
Frame ID: 631811AD19BE7F96568319C36486B754
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 8CE61D30E5456EFBD3981F2AD79CD9C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&adk=1812271804&adf=3025194257&lmt=1703787058&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787058084&bpp=6&bdt=1178&idt=280&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939274579570&frm=20&pv=2&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: E3A3FB28F806977CE2A3F744A6D99D60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Frame ID: B6E8F8BFCC184C209AF64E2BB04C64D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.1745538876~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=1200x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=14
Frame ID: 174C061EB59FDF58FBBB94CD0713885C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.3804633860~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=1200x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2354&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C1200x280&nras=4&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Frame ID: 22CA839071AC9460ED3547C3C217C66F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OZjWSxbEh4Y
Frame ID: 082E2BD2D47B46F84FF0D3CB76BFF308
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 907EEA830EB962C4C2E4C8017CBA5976
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A9510809D6E22715B4C1FCB84B4AF2BA
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 75C3306579E5057E7CDD6E4997962341
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYpdXE9AEwAQ&v=APEucNXr69KY2hfDG3Y5MOI91Iupw6-ZgJ032n46szAuBDPIuChQZtmroY77_HL_CtQKznUoi_MYigu2d9VIKDTGv5LappBGsw
Frame ID: 95511AACB78587231DF51FCA27954C30
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHQ9gIQ9r39-gEY25uJgQIwAQ&v=APEucNVgRZvGdnUj7r3BVfL0Z0rnSWzJ7dDRFCmlNh_euzCQzy7rtzCY3niliTd8qs8WY53rlVVW-bXL8fXO04v4nDx2PMNijg
Frame ID: E26D66BD177DF0123A6FB9209EEAF3D1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C55CEDE0729B2F0A1EFD10D29DA8A6F6
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F2FD03FF3FCE8AACC040716FCFF3ADE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83306747537886C54A96B1DFC98F78CD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E09FD3AF8270E0C7A8622F41BFF145CC
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 49C105AB6A93FE1A6BCE13F442A51909
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E0DEBBD521306D247BE41CAEDC19A77
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 89AAADAF6183709BE7C8B26C8967186F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVqu918JJLthcXDg781G6FzKtP3u-j9H_bBaoO6lvSohd9a5YkBrFLWzt940D9YFpaQueTxJ7PNWC5WUNjBtaX0mJ93iw
Frame ID: DB1E695AB7CFF9BC9E39F116CB81AB63
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E2FFC90AEC95EB86687E4B27A18CFD9D
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5655FB4465133062732491BC9A1B278F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
Frame ID: 453497D3F49A9DF420D5BB9FBF742CAA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=3396172996&adf=1356298493&pi=t.aa~a.4146970678~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059262&bpp=1&bdt=2357&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb92e3c60995ce02%3AT%3D1703787058%3ART%3D1703787058%3AS%3DALNI_MYasj_kBtplPDu8_G4h9hfkeknCMA&gpic=UID%3D00000d2eef2d12c8%3AT%3D1703787058%3ART%3D1703787058%3AS%3DALNI_MZw9KVo1QjegRp1fxoW7sSMIzTArg&prev_fmts=0x0%2C360x280%2C1200x280%2C1200x280%2C1600x1200%2C160x600%2C160x600&nras=8&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&psts=AOrYGsk75eCS0IrNhMcKJF9Uh6AYSB7LqiyvyRIKhAlVE7M03xPWRc3gpXhD0Mcyu5vVRz_DRvLXCNhLwnRPCWC5JaczkYsXGzzIEadpY8K31fN72ZBJAQ&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=6&fsb=1&dtd=614
Frame ID: 128F72B5F86AF2C389C3F182638A30C1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 30E7D6127999BC5F3D8D9C923B6706AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 41A344C07DDF6B54021EB5032826207A
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 8F11FF81D914AA3F704B5813A308B932
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A6E88279DB3B73BB2E712E3AC2755D9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nếu Mà - Lê Thúy HằngEmailFacebookTwitter

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

205
Requests

92 %
HTTPS

60 %
IPv6

28
Domains

42
Subdomains

35
IPs

7
Countries

3510 kB
Transfer

9574 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&RedC=c.clarity.ms&MXFR=37CAD056164964892FB8C3A312496A9E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&MUID=22DA663E27E76CA62C9475CB264B6D74
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6DpEr_FeJjfvGkpnyHqiI&google_cver=1
Request Chain 79
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1
Request Chain 93
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
Request Chain 100
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1
Request Chain 151
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1&google_hm=2
Request Chain 153
  • https://fw.adsafeprotected.com/rfw/st/1860407/77125228/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015316818&ias_pubId=pub-9927393713550282&ias_chanId=1&ias_placementId=20821599578&bidurl=https://owo.vn/neu-ma/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jx3Q8hTapup2C01kU-PkBS&adContainerId=brand_safety_M7qNZbuEJ96RjuwPvpai2AM&cbFunctionName=goog_wrapCb_M7qNZbuEJ96RjuwPvpai2AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fowo.vn&adsafe_type=g&adsafe_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271803%26client%3Dca-pub-9927393713550282%26fa%3D3%26ifi%3D8%26uci%3Da!8%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:c43e03f5-22b4-1274-3622-8669521df902,c:y7vvxi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-wqb4k,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,mtim:2,mot:0,app:0,maw:0,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:743f7e3f-a5ac-11ee-a22e-a6e0d8a50464,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_M7qNZbuEJ96RjuwPvpai2AM&cbFunctionName=goog_wrapCb_M7qNZbuEJ96RjuwPvpai2AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Request Chain 184
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1&google_push=AXcoOmTH_9SjyE6izM7Xd64vVTSYWNmOETmGce7plNnfg32estumRb-SNVHqlDMuuAqZBT53SEC8WyP405BNwHfLZTA-g3il6UfocZc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI2Njc1NTIzODg2OTUyMjQzMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1
Request Chain 186
  • https://a.c.appier.net/gcm?google_gid=CAESEHCnfeuNEjpz44-cYf7e0T4&google_cver=1&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeolHGPoelS0id4yvpAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QjNya2NvZjhEUk90NEROQk5icU5aUQ%3D%3D&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeolHGPoelS0id4yvpAA
Request Chain 187
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJS1CPgARKWKmBkNNqLJxeU&google_cver=1&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA&google_hm=NTgzSUIxMDBrQkRFODAwNlYzZlQ
Request Chain 188
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHELUmxcq88jGVzvVfjVoDc&google_cver=1&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ5bKQShss HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ5bKQShss&google_hm=eS1peFB5dUV0RTJwRURDZFZVOWxGbV94aWsyNlllM0JaY35B
Request Chain 189
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENZ34gEoCPTXbsOevr9Qbkc&google_cver=1&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENZ34gEoCPTXbsOevr9Qbkc&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs&google_hm=WXI5RUs0dm1rTnFDWS12UnI0U3E=
Request Chain 190
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQWNU92yOeCCvgSNl4NSdH_PXmT4tKnBFgXhlZhQPdSMgXYwt8Nr-EtRUqqsuncx4jM0JxgYMlVKw_g8i5SNBrDp7K0w77amW8&google_gid=CAESEJxn9ftKSyaQuOlphgi92Jc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJxn9ftKSyaQuOlphgi92Jc&google_hm=T1BVNjliMzNjMTdlMjI5NDczODhlOTZmNjNhNTA2MzMyNmE&google_nid=opera_norway_as&google_push=AXcoOmQWNU92yOeCCvgSNl4NSdH_PXmT4tKnBFgXhlZhQPdSMgXYwt8Nr-EtRUqqsuncx4jM0JxgYMlVKw_g8i5SNBrDp7K0w77amW8

205 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
owo.vn/neu-ma/ 		82 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6dc1fda9f7d83b4c034b4ac38cdd63b743ffbdddce1f52ff8d68ebad4610966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-railgun
direct (starting new WAN connection)
cf-ray
83cbc34e7df36ecc-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 18:10:56 GMT
link
<https://owo.vn/wp-json/>; rel="https://api.w.org/" <https://owo.vn/wp-json/wp/v2/posts/9008>; rel="alternate"; type="application/json" <https://owo.vn/?p=9008>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9StHR2q%2FvlwRwp2IIKrLM4a6ZITD1HoKUpOZoZUxjW45tJdmsTTscstGrmQXDa%2FQ1X8Le4zNGZHg46xjCoIpgXKpQE8u0atJK0uKI36PP2Y5N5RrDi9b8qeDhqPMaMqPwTkoAwU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
sameorigin
x-litespeed-cache
hit
x-pingback
https://owo.vn/xmlrpc.php
x-turbo-charged-by
LiteSpeed
x-xss-protection
1
c0762cb88568b462af52ab74a615cd60.css
owo.vn/wp-content/litespeed/css/ 		284 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-content/litespeed/css/c0762cb88568b462af52ab74a615cd60.css?ver=a5228
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773fb5adec327ce13eb809dd30a269058bbc09c6fbf0e42c8db07d8c97d9ae88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3294523
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 28 Oct 2023 22:07:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fxNqwLJPe5Y7JDt%2FxzX5ZsHz7cgEFF8uqq1IkckXITn6F62dd1NLLee4s%2FY%2FzOOrOvxjAbMSELBTI3F5%2F3P63Qr7iinzFoHXCq2mK0S20LNBrBav3%2FsuS33PiOgR4EG8opsuXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
83cbc351ca4f6ecc-CDG
expires
Fri, 08 Nov 2024 23:51:37 GMT
jquery.min.js
owo.vn/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
621672
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 08:37:11 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcYJV5EVy52DHjmFeQ7CwiHtgl9VtYjLv%2BIonuOnChB3u%2BrGn3X6plnXuK0cFVv0Q%2FlGCUtWEeWnojmn1QNyhkQW1506777aPvG7yz590YIwZWC%2Fkp3XHexLX1M6f1p560lIo9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
83cbc351ca506ecc-CDG
expires
Thu, 07 Nov 2024 00:48:40 GMT
truncated
/ 		678 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a10e79b307c343dc0165e65b0f8420facbdb366728f576aee60ba07b5de578fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
back-to-top.png
owo.vn/wp-content/themes/paradise/images/ 		116 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owo.vn/wp-content/themes/paradise/images/back-to-top.png
Requested by
Host: owo.vn
URL: https://owo.vn/wp-content/litespeed/css/c0762cb88568b462af52ab74a615cd60.css?ver=a5228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e58ebfe3d43f281e19d12cdb6264e0a000c4ebe03a7f3fe90597e5db4b5f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/wp-content/litespeed/css/c0762cb88568b462af52ab74a615cd60.css?ver=a5228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
116
last-modified
Thu, 02 Dec 2021 08:01:53 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1ntwvDZh9LXZkJoOTxo%2FW589AfAF2IQ%2FKcj8xZGq7%2FfeyADfazLt4eyg9jsxtS5DWgw%2BYJWFglMEDPAgd9nGvaykQbPgQ5uf77UptQJad5NKXXm9hFStcIzFy0OfW6Hgew1YBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83cbc35259405c2c-FRA
expires
Thu, 07 Nov 2024 22:56:06 GMT
icomoon.ttf
owo.vn/wp-content/themes/paradise/css/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-content/themes/paradise/css/fonts/icomoon.ttf
Requested by
Host: owo.vn
URL: https://owo.vn/wp-content/litespeed/css/c0762cb88568b462af52ab74a615cd60.css?ver=a5228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd05182f9fe1a9652cae1fa97c9c4eaef2e4774a8a9e4f50288fc49721797e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://owo.vn/wp-content/litespeed/css/c0762cb88568b462af52ab74a615cd60.css?ver=a5228
Origin
https://owo.vn
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Dec 2021 08:01:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJi4ChMKT7KoDCwC9qEU%2BQGT7S4OCiz6NmWB12vzVMKVjfnmhgbkZPCEEEpgSV1phhQKbcrH%2BeaO9SXs%2BUMtddabdamUHKMw5U3hfBpnPugmr2gXxeslcb9vYjXGNL7Q8tt6N9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
83cbc3533a3f5c2c-FRA
expires
Fri, 08 Nov 2024 22:48:05 GMT
symbol-defs.svg
owo.vn/wp-content/plugins/simple-social-icons/ 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Apr 2020 00:11:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gy00tugWTk%2Bo8R3CY3Dvqz4pM1J00rbM2xCAT0oeqd3Ey%2Bj9oQfsM9LUzmtEXNPeTI3wSkIgJCHIjxwEvbBNlSNgTjaGQ%2Fdmyaz97V6QDkP7DiINxETg4P3nlSAPooJUVkE3tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
83cbc3534a4f5c2c-FRA
expires
Tue, 29 Oct 2024 00:21:18 GMT
truncated
/ 		146 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27dff78f585f6fbb72773afbfac0dcc2bc52437fee2fc63fdfb30abee592d025

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bbabd7a756134c28330f44e37d16d17350c7ff99342bd72d85387846457548e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		140 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4f87a8d3c9614d5963e8938243cf994556526a4122042d3cf1ca6c93d8e8d02

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4407ed6ee8d4bf80c31efbebaf0af9c89fb1e35d3eef458186ad2972e355515b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
icons.woff2
owo.vn/wp-content/plugins/social-media-share-buttons/font/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-content/plugins/social-media-share-buttons/font/icons.woff2
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05fb8d54f53f25dab931a4f41c1d4ad724e95ed0759703cd47185a77bcce41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://owo.vn/neu-ma/
Origin
https://owo.vn
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3436
last-modified
Thu, 02 Dec 2021 08:24:33 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXu2tBIlZQIDToO16YxgTS%2F6%2Brxn1tcNlVn9M1v%2BrgqFcWr6AOaXcG3KsSYvCmJO2%2FuxuNIGtdHcfHw4U1Cg2qnhr9yp6xd4bvF7IPUaAiV5NOlbehik1dRTVFCUgMM1txyoT7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83cbc3535a625c2c-FRA
expires
Tue, 24 Dec 2024 14:44:21 GMT
code.php
uhchat.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/code.php?f=0be7c1
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f517ea6ea6cd55285b61d90dc256015c22bb9fc9cc3a16384860623bd1dcb6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lU4V4RHVR7qZr9JDaukKPktFP6M4XGKviufWN%2B1sBPmwZHkXOIgDTQZfM4Yi94vsz%2Btlu%2FPDrXeGfvqJgwmOoivg6GLGuERc639QATOkWnIdTo08AQ1GedpnSo09NH%2Bh5riTwzj4Nn%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
83cbc3553bbd56b6-IAD
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a230188fa5bf5d038e6c5aa630498ade511402176fd76ec62ad0c6ee3bf5b79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51595
x-xss-protection
0
server
cafe
etag
6203107573080888728
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:57 GMT
b41ef3855793627871a3cd9053b188b5.js
owo.vn/wp-content/litespeed/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owo.vn/wp-content/litespeed/js/b41ef3855793627871a3cd9053b188b5.js?ver=a5228
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a37cb1e02fd42c193efcb4543f511cd74bdd9d47a89dbfff49633784951f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=32458
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 28 Oct 2023 22:17:01 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw3D1f5wTbkox7arfojkghXinabMndTAosFpFbP5T506TIcgZ4Q8FscUOFgy1xi%2BItIFZTmrDaCOJaeFlJO%2FUeDrkOoU%2Fy%2Bkg1iBSUqAxhirU2N5Zaclh3vSgwvcw43keUgi1%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
83cbc3537a7a5c2c-FRA
expires
Wed, 06 Nov 2024 21:50:42 GMT
/
uhchat.net/chat/ Frame 6318 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
Requested by
Host: uhchat.net
URL: https://uhchat.net/code.php?f=0be7c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d243724e397b928a15de4b7ea42cce2aa6fb8a45a76c0d28346de289401a1b7

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83cbc3594f0256b6-IAD
content-encoding
br
content-type
text/html
date
Thu, 28 Dec 2023 18:10:58 GMT
expires
Sat, 01 Jan 2005 00:00:00 GMT
last-modified
Thu, 28 Dec 2023 18:10:58GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZfp5HqTPWkEuN%2FG1WrssHVqDny8NLOxvlro71qdp0YxWcz0tYfZIA1gF%2F0LCmKTJOcqVjj28vhPIpgyBoHTN5cgSyPagbiM%2BDP2Kw41Jnlaa1kRJ18zgpZVqz8BeBNMcdyy2ot9o9Vy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
chat-11.png
uhchat.net/themes/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/chat-11.png
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3172874
alt-svc
h3=":443"; ma=86400
content-length
7784
last-modified
Mon, 18 Jul 2016 03:54:30 GMT
server
cloudflare
etag
"578c52f6-1e68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcAnchT%2FUGpNsMuYKkXr1S2ZI%2BL2rpWbe1eeqmHK5nqQc2S7%2Bt6ESwls3iH8y%2Bwk9N5c7ynIskSV%2B0sg%2FRkFvhMC8jJIDPeAyim%2FttNSoSnFh8HdQDEeRmjiPh3NPLK7PlHwBxzXmbUx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83cbc3594f0456b6-IAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		265 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b1268d82717b049c3ccabaa897ec15bee4b2fa1d899ef8f12cb9c704313daee

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		329 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf3ec89eaa7c3d665d75d3dc03c8e6e6f9ff0c0b667e673609ed63a0fca0c52c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		121 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c961c13ec5b0b257ee7049bdeb1078def025e3ee6c02ca609b6a45e2ca48056f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		263 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b34986a42075a5c29f6854661606a60377e5173c6fd8f6ebf943ca76ef12b6c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		138 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5319c94823585e739f61ed33e6f6e066422796acdacefda6fb135220786110eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
11781895738544162849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:58 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8CE6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
67925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
57v4u2ly2y
www.clarity.ms/tag/ 		1018 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/57v4u2ly2y
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f515534d19d71fe46d1a70045ce308eb809fc4a30f77f50010887ff1ee69ca29

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
-1
date
Thu, 28 Dec 2023 18:10:58 GMT
x-azure-ref
20231228T181058Z-x045x3qg4x70t089dr6ehkx0e400000002bg0000000174e0
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1018
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
xfbml.customerchat.js
connect.facebook.net/vi_VN/sdk/ 		312 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd95cdc94837b2b710952fc5bb3483130013ff18e99bc76c317fad9583eb1967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 18:10:58 GMT
content-md5
2FGh+4cGK0S710PBr9aUyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90736
reporting-endpoints
x-fb-debug
M35nci8MX4qKGFGVfSAi6HWXoCk0hZj/6eHhFLqxZL2+/iYd5RyvLaWlAJxuJ8JwDUKAAtNlxE3DzE9s2/NIfg==
x-fb-content-md5
92897c227837ef29b8ae37bf110011b0
cross-origin-opener-policy
same-origin-allow-popups
etag
"47be72e385282a41104b2fa5efcd19ce"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:18:45 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/57v4u2ly2y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231228T181058Z-x045x3qg4x70t089dr6ehkx0e400000002bg0000000174ed
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
577caa99-b01e-006c-09c6-37c54c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
ads
googleads.g.doubleclick.net/pagead/ Frame E3A3 		384 KB
99 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&adk=1812271804&adf=3025194257&lmt=1703787058&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787058084&bpp=6&bdt=1178&idt=280&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939274579570&frm=20&pv=2&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9282b44a446a2c47ea968053b5718fbabbe56d6c31721be11375b7d7a160c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
100644
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=uhchatboz&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=nav-primary%20genesis-responsive-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
l.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://owo.vn/neu-ma/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://owo.vn
Date
Thu, 28 Dec 2023 18:10:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
avatar.jpg
uhchat.net/themes/ Frame 6318 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/avatar.jpg
Requested by
Host: uhchat.net
URL: https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15501b895259da7c075bbd1ea995860c4639cab601bea198ff0774474ecbf6d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3617147
alt-svc
h3=":443"; ma=86400
content-length
4872
last-modified
Tue, 18 Aug 2015 00:20:00 GMT
server
cloudflare
etag
"55d27a30-1308"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9C6vfwPxSxBJV%2F%2FXDGUnvNdM1Hwi46j14nilb8AbI8nmHfgBHccJFLdVhOblcFKgPiDBfXaoLXAA6Z9YWJxNnlQZ4%2BL7IyeiF97v7%2Fxfja8hK1IEu0iTsZ934S45%2F5FnxR1uMGvNPR7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83cbc35b8cee6f7c-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
online.gif
uhchat.net/themes/ Frame 6318 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/online.gif
Requested by
Host: uhchat.net
URL: https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c3d40f5a164d5cebbd5e276182d1f73802521d3fc9420c54d6f55716637682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2580115
alt-svc
h3=":443"; ma=86400
content-length
2879
last-modified
Tue, 18 Aug 2015 00:23:00 GMT
server
cloudflare
etag
"55d27ae4-b3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9ZPyXpEw5D%2By7MdYsj3YXJyWh9KfVebblcDxZfPIyj1F4Im43udgrEvZEndFZuCkmbtRVSyl9ofBUi2uQpEC1lZOWl5rx0Wmt5bi%2FZdUimAfgh%2FdbQIgOB5mNkEqTZHwS8j4GkBtsoT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83cbc35b8cef6f7c-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
noavatar.png
uhchat.net/themes/ Frame 6318 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/noavatar.png
Requested by
Host: uhchat.net
URL: https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:267b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85bd0a750c57573df2c196f046712c19af7fd05afa6c81664d1cc1a5649bef65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://uhchat.net/chat/?f=0be7c1&title=N%E1%BA%BFu%20M%C3%A0%20-%20L%C3%AA%20Th%C3%BAy%20H%E1%BA%B1ng&parent=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ref=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2531886
alt-svc
h3=":443"; ma=86400
content-length
3786
last-modified
Tue, 18 Aug 2015 00:23:00 GMT
server
cloudflare
etag
"55d27ae4-eca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuEButQS7ek5snAWzRWKeEYJ28lUP1NwkZ5esJo26mNI%2BuVaPgvH%2F73AuKGpxJ9uDvVIy8yTCh8WpUMwGkbwsi7p477%2FxjUrS2wvw8jj%2ByqlCaubAVzWs%2FYINK1BLz3x12OCwUdc0Ao6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83cbc35b8cf06f7c-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059216&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 28 Dec 2023 18:10:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
ovjTVWXP5yeTiLo+fz3/bCQKUkk1PInrKnTOQ40J72jXrbxoFkSOakqJKzhMg5pKhmbT/3siErdcm3jXaOmEtA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
x-frame-options
DENY
access-control-allow-origin
https://owo.vn
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&RedC=c.clarity.ms&MXFR=37CAD056164964892FB8C3A312496A9E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&MUID=22DA663E27E76CA62C9475CB264B6D74
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&MUID=22DA663E27E76CA62C9475CB264B6D74
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:58 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 341C293E776F41BE9FFE685051E52422 Ref B: FRA31EDGE0717 Ref C: 2023-12-28T18:10:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F68166EFFD4AC48AF38626379957B5&MUID=22DA663E27E76CA62C9475CB264B6D74
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7150e6de30fc2652cfc6bf6cd0b55afb42055483d4c16442dd8d6aaab6b467b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12261
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b8f1ba8fe652c356d5e0ec0b158a5a34280470d564fb12788fe6479c694e024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56005
x-xss-protection
0
server
cafe
etag
15549194900858665067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B6E8 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a12842390c74424ff31cb1a869cd98863468e14d49fd4f147747575b2225781c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13047
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 174C 		708 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.1745538876~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=1200x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2440613ec7e16e34670890d4af5ac108dd69a770d2e0a11f6ea58793b278c59d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 22CA 		708 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.3804633860~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=1200x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2354&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C1200x280&nras=4&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49585be808b6675a64e868eed81caa0f3a480cc623821fd6dc924917290c923d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
OZjWSxbEh4Y
www.youtube.com/embed/ Frame 082E 		93 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/OZjWSxbEh4Y?
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7499d7be95e3c0434bae2928f93d5cfdb3246b712774208c90dec6c78c180f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
nhac-neu-ma.jpg
owo.vn/wp-content/uploads/2023/12/ 		340 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owo.vn/wp-content/uploads/2023/12/nhac-neu-ma.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07d0e3d10573cf270a43fd18e4f34d7df2154df4bf72a36bf662edeb15e60ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
347725
last-modified
Wed, 27 Dec 2023 11:02:54 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUUyZAUq%2FVCOwqdgfhlmcqfPQGsjCMVzIs6lFyEjxbxVFeeVbbgv2JQNqR7n6N9sUYkBEJbr4eDkMjf7MDypJ0IIPdG2mfeCEjqCXIdv9MmeAZHDUP7iXuFjWFqIvArVFEeuISM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83cbc360a8ff5c2c-FRA
expires
Tue, 24 Dec 2024 09:03:00 GMT
Kem-Merino-100x100.jpg
owo.vn/wp-content/uploads/2023/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owo.vn/wp-content/uploads/2023/02/Kem-Merino-100x100.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ecd81219684605c1ba4264495f5d1280c1e72d76c5f8d6c5a67666b6b689fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3942
last-modified
Wed, 08 Feb 2023 00:19:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8opFPzhR64gg5tinl37WVrhB6Xsr2byOxQVr3Y4AyFQn6UKvLiAU78J3foGd3DXJ43OrQSg%2FjijnOkuk6Xwwq408lB7LLJbS3FZBZ8mnxULdifMT3Pi07QMEQ0s%2FbVc0ACFiVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83cbc360a9025c2c-FRA
expires
Wed, 25 Dec 2024 16:10:26 GMT
bao-hiem-100x100.jpg.webp
owo.vn/wp-content/uploads/2020/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owo.vn/wp-content/uploads/2020/10/bao-hiem-100x100.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c366012f38dca01ffac478b10c620bcea3e773e75c5dd067abcc1b667095441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3060
last-modified
Thu, 02 Dec 2021 18:12:08 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B47JetZqn049VIjT4vsRl7uM7FnL4mAPnnFfjCAjmou4Tcjd9YyaKvRAmn7i9LI6ymGtKvGWLiHlG52odEZsdnaJiOlrfc80O3w4fw%2BWYDIU5QW2ZnUfGCcS4DW3KESwpF1B9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83cbc360a9045c2c-FRA
expires
Sun, 22 Dec 2024 05:11:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 18:10:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 907E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame A951 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 75C3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 907E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 17:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 18:10:59 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 907E 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 10:12:33 GMT
x-content-type-options
nosniff
age
28706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Dec 2024 10:12:33 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 907E 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:13:33 GMT
x-content-type-options
nosniff
age
61046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Dec 2024 01:13:33 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 907E 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 03:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
53119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 03:25:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 907E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 02:25:36 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9551 		478 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYpdXE9AEwAQ&v=APEucNXr69KY2hfDG3Y5MOI91Iupw6-ZgJ032n46szAuBDPIuChQZtmroY77_HL_CtQKznUoi_MYigu2d9VIKDTGv5LappBGsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A951 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 20:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
77279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 20:43:00 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame A951 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
55653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 02:43:26 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A951 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
188503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:49:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A951 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A951 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
74470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A951 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChFY92AX2YddR0IsRM9f4HiMZ-ZB2RjIOHmk6IOtYrX2HKO4OtSiCMlmzZyVm3Fju46fkuAjb949qBHO95JmCDizLSi4F1gIpAEdGCxb4q84jjTqY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A951 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
12143676301298249536
s0.2mdn.net/simgad/ Frame A951 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12143676301298249536
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ea9ab170419b74a62021ccf7541281cb5b0a2da05d4b7aaafbec92c91ffd05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 09:11:21 GMT
date
Tue, 26 Dec 2023 09:11:21 GMT
x-content-type-options
nosniff
age
205178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48240
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 17:35:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame E26D 		478 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHQ9gIQ9r39-gEY25uJgQIwAQ&v=APEucNVgRZvGdnUj7r3BVfL0Z0rnSWzJ7dDRFCmlNh_euzCQzy7rtzCY3niliTd8qs8WY53rlVVW-bXL8fXO04v4nDx2PMNijg
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C55C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C55C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C55C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
74470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C55C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C55C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CorbgpSAq5t9d2dHtwsFtf6mCU8UKwr-GOenxD_RsZfGXJSA_HU8oKqNOrpEkzZDnXsxsvajTTTswgJKnsL7XgRfryiKln1cHYR_6E3iNVqTWyzBI
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F2F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 16:44:18 GMT
expires
Fri, 27 Dec 2024 16:44:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8330 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9313751d20148e0539126286d07440c2ed3ca722521a214ffb926e5f36f925c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fOWQdt-LPHBlHEdrs1HVaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fOWQdt-LPHBlHEdrs1HVaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E09F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
186620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 14:20:39 GMT
expires
Wed, 25 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/da154528/ Frame 082E 		358 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47436
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Dec 2024 18:00:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 082E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
585843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 082E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
76172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 21:01:27 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5F2F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 15:59:50 GMT
pixel
cm.g.doubleclick.net/ Frame 9551 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYpdXE9AEwAQ&v=APEucNXr69KY2hfDG3Y5MOI91Iupw6-ZgJ032n46szAuBDPIuChQZtmroY77_HL_CtQKznUoi_MYigu2d9VIKDTGv5LappBGsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9551
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6DpEr_FeJjfvGkpnyHqiI&google_cver=1
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6DpEr_FeJjfvGkpnyHqiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYpdXE9AEwAQ&v=APEucNXr69KY2hfDG3Y5MOI91Iupw6-ZgJ032n46szAuBDPIuChQZtmroY77_HL_CtQKznUoi_MYigu2d9VIKDTGv5LappBGsw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXCQHdOnjblAzyCPWW504io7FTTjT1PmFNjHy8wjnAdwkH0jBfCWK8PkQuGQLVk7lFrlc7skmsc35DcSVu50dLquvleWLUjra4HzIvCLLn2I2596g4qcUxmnMod5Wj2UloriAI89jUsgBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc362c9843666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6DpEr_FeJjfvGkpnyHqiI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9551
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQYpdXE9AEwAQ&v=APEucNXr69KY2hfDG3Y5MOI91Iupw6-ZgJ032n46szAuBDPIuChQZtmroY77_HL_CtQKznUoi_MYigu2d9VIKDTGv5LappBGsw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uXPz4UlBtIs6Bg4lSyE%2BcXSwapD3gvtcshT5XPNIawJOc0covXQYWy4xTiuAnn%2BgsWk1bBnEZZ4DDkLeCKtcfuL6cVEvrfkGhbKSPwwXhh5x2CWUCupDgOjExhglCQV1Wi1gcH4nCRTJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc3631a023666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 49C1 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 18:04:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 18:10:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 49C1 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
74470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 49C1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9E0D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 17:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 49C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 49C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
74470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 49C1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 49C1 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Mar 2024 13:56:43 GMT
embed.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 082E 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
294405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16336
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:14 GMT
www-embed-player.js
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 082E 		322 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 17:35:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98735
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Dec 2024 17:35:21 GMT
base.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 082E 		2 MB
768 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
786305
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:14 GMT
pixel
cm.g.doubleclick.net/ Frame E26D 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHQ9gIQ9r39-gEY25uJgQIwAQ&v=APEucNVgRZvGdnUj7r3BVfL0Z0rnSWzJ7dDRFCmlNh_euzCQzy7rtzCY3niliTd8qs8WY53rlVVW-bXL8fXO04v4nDx2PMNijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E26D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHQ9gIQ9r39-gEY25uJgQIwAQ&v=APEucNVgRZvGdnUj7r3BVfL0Z0rnSWzJ7dDRFCmlNh_euzCQzy7rtzCY3niliTd8qs8WY53rlVVW-bXL8fXO04v4nDx2PMNijg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2M8hRKV%2Fb1IhXPan4m6K2tTaUGhA0vee%2FMy9ghJoVsqyq1y3lMIkaZjSpdFdlFKxNT%2FtHZmKMznzyeFjKwT0wl4RVAxTyip1kosjNf544eYbAMpK3KGqftUaNuNYZmav7FDKkcOTCmPgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc362c9823666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E26D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHQ9gIQ9r39-gEY25uJgQIwAQ&v=APEucNVgRZvGdnUj7r3BVfL0Z0rnSWzJ7dDRFCmlNh_euzCQzy7rtzCY3niliTd8qs8WY53rlVVW-bXL8fXO04v4nDx2PMNijg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rFgW9hb4KtSF6vgtald1yMnH0HjbsuiHuIL%2BKH2itH5x5Hh8VXCDyQ5ewwj7YQ4L52nQuGHXIu9scEKx%2FGTD4RA4x08cplyjnERmWdDwNx13d3OGjitps%2FEgvS%2B7vbPTon0miOXdLawoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc3631a033666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGMPagaFM9Ip4D_un7pTSw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E09F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 15:59:50 GMT
collect
l.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://owo.vn/neu-ma/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://owo.vn
Date
Thu, 28 Dec 2023 18:10:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
gen_204
pagead2.googlesyndication.com/pagead/ Frame C55C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7907435931400&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C55C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7907435931400&version=m202309260101&ct=76&x=1&cor=17201279820529598000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C55C 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5WRoU5uasi5yrm90d7yYKEBNc3hd0ogmE40-wQwbISMlbD3SPK5NWjKWEX0qFW0kC2xA6HsJMIZeK-DvV-nGvk1DXV2Yv5MfuUitm4f0o8kuWdjkbPRBlcFMVfE0cSo0_bIFuwnmdLv2LUULz6J46oSljQNtUiibiSawVYWLc_BbWnY8&dbm_d=AKAmf-Bs_mupGoBNSyd8Yls2I_PYKojxceupMdgbJPxUxDYpTxg78kjZjyy_HNEBPQw8X-cSaQhNXLI_m-Twx-NGQDELL-tzFchpNDE6TEOIZ7Vo9LvKSKDMRFAi3u6C39TGUyiKIq01gtqglKgGAhy0Qqr1RAM6LDCnyR0i-0Sekz6GBvb1FOZdJGx1kswMODCgU1HRLFJqqeoZZPV6eIZ6lmAjUU31-93yrEAlW4uZj2WrankYrslPD431Jgq4qU9IkDwVE47hV81iu7GBe7RW_us57NryAWviaMrPX4-havQtDUHsD1Vn6LSPe5HhL7tGGLZBwXHOM9LrJ9daeNsK_R5kkfazqK8bPN7w-KGpSkWfxGJdHMusYEWMirTQEBEBi-h38M6kbhg4JQgblJWsN_ONgvq7efyGOs_zeOWU533veg0bkaPsdKxYo59MDe3HaQ7EOajnkej8oQ_7MKEXsmYElaoqMukC6jZ_rMqAXNuwkdQgtHqgqNDdEGFCr5nbrdSnJlwQ9Fc6dVsJKUueYdVB-0i67UKpyuIHNxwCXfrWFnbFZ9-KVDuSeYKj336gfqhpdPGw3zqVu2nBaoks92noFGUnd9OX_I2uT05Q0p2XX8wSnVvYnYCfIpUxFb8Y99cL0BgrrxqFfPeSCkDR9uTbOU2ztYfUm38y_rE1cV62uB_AoCBfIfQaWh38-VFThPSA23J8BUicq5NQGzGPuYD520NK_LdAx35yXtIpHvktnXju3MH0IvNAk9EBR3EFDzxBc_0nwnV4FjWhi7LPZH4n9nLkynhm0zBtwOC9lV40oeQzS9BRtaEQBaiLCPofWHWI3OeIPTHGhOgzG2xSQ1tv2oToupzqkuVrc6khwDwROVhgU4pU-9_wg_mwDhadHL1DNL0OSxUPNzChAjtxS-rU4jXkbQH-JOXcIDIOsLh6-ldtwcAJEYzYysNZR2AegSrylzTcnpBRr0MA9-QcbWp9fJTGRDf74hu2pDiTVjpakVU33Y3QOHgDmTjBZht26MJOjKQ1FzzJ41tERXTnG0KiPpjiSMd25swguN0qAxrn7rcVcKV9uZpEhPdm0OhLwpH3INR3HIc2J3xgOF5yin31hRSioCjqj3j1ulRkiNDiQGCTyFLuIknTNPdll7FbLiPdIoi1NZY8ml6YgSW7JFw5ut05AGT_WY07xuHXVxPngppWR1bEErL4_DMCPj5hoqVv1duYk5jWRCGnWiffriiXFCoPkDXKPD69AbquW543YTYU_Q3Tfcwym5j6SyFF2hJGoIxjnTVW6sW0s5n-khBSf_VuBYJqQOJ6iaL8n0jry4NktUnv6fNgeV8DWNDjeLvRpBSCh6h22bEbn5_n1Ey8XW6HP7H_d-vO1vtE4kewGvI_oNjPvD99E3ZkuD0ZKPGlD6nZchOjB6Ydtle1nFMKp4GptImpTOTBpG2o0MhJR38iCBFQ_MdfnM4FNNsu1y90-nZXd7rcoffQ1eFpwvzNqfbAlzzAs8TcXvqBipZX6uwM6mpDHnvqR6LAzERoi9zXouf2zHOu4clcxiCv6_sKM79Fs1C537lbPa9QCM0KfaowKzhhpPcFD5L7XjUIxuT0q7UK_8YCSc0pyh3t_voKnZRmuVeBKzVl9yu-XesJdXpyDAopjb4yKhPX2uoS-3hcLw-9F3Wx0B6y30dIduK9tsDNvR2ZCpUBlqbkm_o_LvcUf3ZRXZrMObKjCuiJzRq4vyUUtAa83C19fz-lbqPKFNit0QnYuCeH56R3cwiYZnbmHfxlkwnEi6nhVBigapYZpd67DsjvUIqAsXtUm6QpwDXMLEysSPgxY-fEmHiS3O2egvunLEThnejVG5AmXXvMxPF7fpr3lxXw-KYlArgCVXNNaHy4OLIJq1gzPMWa5HIczScKaxodasl6Qvj6ad8jBF85v_36dfrQBCG-5hUQiNOFS7sCC7mUYfsMJNcR_lXmAH33y4DZ1wlIIOFweWJx8jleWt2S9Ndm2WM4wnY3va0R-LA4jtTIyNs5MH7VizVxti8aahhNdmsDjaMDKNx-ScrgYeH_Q5It64SUYUw_BPev0jckJCNnJYyeqyrUbjHoE5E8QTh_sm6XjPABmg4wu32-3JhXq8A2ncBDouTBvwKI-Y0eLrKbSz7h_wwEY7x4M6CCZd5doEnCqulaLxt_PAOkbtLeKqS9rEpZmUUi2NNCtO-s_ETxUNaWWrx4Dbwg5s74hmDGgboAh5aaHNbMfqw7RFxxbZtnC0gbaD3gO_nTRwUbmgo1NEPjsUfttFAtjrB_EKt1TlH5vug4sTlyQTGWFi4g5HAnEtnvX5j4TzW1PkLblsQ8tp0F9HEBTKYMx2WPplIysuorWZPyPVdGcLcgyf2da6e35It0-df4T_RzZnp9SnPzGG832w3u4nqJGua0L22-u0GRUCOKh0OT3ouOntBwJ2Y_hcUgwWEPucXYFw0W7FaLmR7vklyGWBRc1NCFk9aKo2gvEFEzedfERD9SXbFYuo6WKXtx2LbfLzKo1c4YxsojpMqJx0SXPwOAmNJVPfBn5SMN0PxWgN7gxpbdlaU1TdiFMyqXOBrOLRtMIHwjP2KnQJFVeT80lWFVr5TGX8uBOnc6AAzIGUPMIg3v4AzgxJlEKFA09pq0_BNd2k-voym-3mxS_1ZauCMHBnMfjeOz0J_UP81oeaPRLlNFWwph20bUBQYskllbskUrSUG_e8RHAgWB5TRQe_bkZGBXR8w4bQ7w6K8d3duJcN-byICo3UKwhJ8zbqMMH8YkA9seGfoYaD-zmXeKlD8GKrhIziomiVDZ8Mkp2mT592B2DqxkYEMVxExdrInyzJiEr1MVaX_Zbz9_1OYpUfxCcPMsAqOZ9deKL_aGZTtKY0r2WMEdFfEZ56mLdUc6hdA34_uisVmC5rnKkXHKke-3pXC_HOrmtAUqaOqEzXfHec69QKLFxVihI200xNM70UKrqdlNExkvN_OK57Q8jvAkK4r2LPPjPcBhP_f48uHGCq2ChPM0TZ97L2HHvuL9gAoA1pD2aqSvZpVnUcQUhGqIeVjezw15hkQ31Z7nfAR3sAulIN5LwRRgdeWIWKPaEXHZpSCTT1H_W_U3s-Q-DMTwT1sbG-IJuoxEOmU2nDC0WzVolLqVgWZ1PZXS1h7WO3hqAR_T1aQwrYqEleQ-Nl8fNVfmhKMzWaAPrrk7tXS2Q76HBpDPuUEcElaxoG8unR6m83bQkAI-32mZ7qxMgARBPMLJ9YQvtrBDjMcrSNzTR4A6zd8Q0qkDpFXdG8BT2KgtPJSCaiRYrtNJkJz1se4sUTaxENHfeTZYwxdVQdSVEwIEKw4Up38J7oqJuGQEj4mOb_NPipbjubrlyD-yzwv45H8eVaBUzx85Jv1tJ-gPA-JWgCymyzebmf7awYmlZP_eti1aa0nKg49-hcq6danOruFmUcr0VKYHlr0HzRgM1A2uLHmgv1E918OXgjdnmTD4LCScb64I2dDtNffUIeQsgLaFb3kWlVnYUoiX1ZPPqThXmkq_e_wpqAOuRaV9Nb1b52UPxT2zY-XiyknLScbs5n0pAm8_uM315Fb-Vnj-7RG2s02Ky0aTUvqc3Lkk0kmUbx9yXEaIsuceD7ERYA29zESIX9TFllYaeQ2uGRqlc0KtH3B0l19y4XXDfUeX3QAnWL-ZTeFYvtLPrqFiR05hab_0LN9ZdWdKEyK8o6eoe7qE8PDnrCrZ0Pfqzv0SLxZeGS06ceTc82Fs6gN2XuUGxjN9VfvsD1nBENHg8RnOPQyL1bnKC6_hdomyiJygP62Qth7YbHCFlg4lXnbN3XIATyJGTpnpi4-Gdjv6y6qm5w8WByjCdS6OfaWKAuaVJOXgqwQSiz7ckxCCqbxM25crHjmAizhfYDO9_clXrI3bYur3pqoIO2OPzSpiToX1OebMIzc8z7OPmKSRsBTKW8zhnjFX8NDlzF640nko2BPQWmv-ejT6qi3EoAigmscGQbnoaZTTTLTvQ6abAGjcMrazIKtnQhZIOR00JAoTQR8UcEJiIhx4tsbHiZKhFE1sWjOJRU2eiyy4vPc3mKPijy6xfapKAfsHSzlHVQ62bjtIAvSKa4U0eRBUYucVCYjIbYeaxQ&cid=CAQSTwAvHhf_cBRI7OLw2Rosogfc0s-WZhqW1KrZk9672V27s54n_30fMu4GQHn8deeEdgh9F0W_P_3jXLKPXTcgq5rS6jasfF4j2J_M_UnzWH8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17201279820529598000&adk=2988274606&idt=133&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53995c36d88e2295655238ae0dcf6024d5cf35fecb67602d49d0a30d8f54f552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8330 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2076560842998984&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9E0D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
expires
Thu, 28 Dec 2023 18:10:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 5F2F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FNmD0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1860407/77125228/ Frame C55C 		258 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1860407/77125228/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015316818&ias_pubId=pub-9927393713550282&ias_chanId=1&ias_placementId=20821599578&bidurl=https://owo.vn/neu-ma/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jx3Q8hTapup2C01kU-PkBS
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.226.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-226-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c41241144673359d6382c0e0bb4a3b5410194ff9631621414b02efe113f86ec7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C55C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C55C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5WRoU5uasi5yrm90d7yYKEBNc3hd0ogmE40-wQwbISMlbD3SPK5NWjKWEX0qFW0kC2xA6HsJMIZeK-DvV-nGvk1DXV2Yv5MfuUitm4f0o8kuWdjkbPRBlcFMVfE0cSo0_bIFuwnmdLv2LUULz6J46oSljQNtUiibiSawVYWLc_BbWnY8&dbm_d=AKAmf-Bs_mupGoBNSyd8Yls2I_PYKojxceupMdgbJPxUxDYpTxg78kjZjyy_HNEBPQw8X-cSaQhNXLI_m-Twx-NGQDELL-tzFchpNDE6TEOIZ7Vo9LvKSKDMRFAi3u6C39TGUyiKIq01gtqglKgGAhy0Qqr1RAM6LDCnyR0i-0Sekz6GBvb1FOZdJGx1kswMODCgU1HRLFJqqeoZZPV6eIZ6lmAjUU31-93yrEAlW4uZj2WrankYrslPD431Jgq4qU9IkDwVE47hV81iu7GBe7RW_us57NryAWviaMrPX4-havQtDUHsD1Vn6LSPe5HhL7tGGLZBwXHOM9LrJ9daeNsK_R5kkfazqK8bPN7w-KGpSkWfxGJdHMusYEWMirTQEBEBi-h38M6kbhg4JQgblJWsN_ONgvq7efyGOs_zeOWU533veg0bkaPsdKxYo59MDe3HaQ7EOajnkej8oQ_7MKEXsmYElaoqMukC6jZ_rMqAXNuwkdQgtHqgqNDdEGFCr5nbrdSnJlwQ9Fc6dVsJKUueYdVB-0i67UKpyuIHNxwCXfrWFnbFZ9-KVDuSeYKj336gfqhpdPGw3zqVu2nBaoks92noFGUnd9OX_I2uT05Q0p2XX8wSnVvYnYCfIpUxFb8Y99cL0BgrrxqFfPeSCkDR9uTbOU2ztYfUm38y_rE1cV62uB_AoCBfIfQaWh38-VFThPSA23J8BUicq5NQGzGPuYD520NK_LdAx35yXtIpHvktnXju3MH0IvNAk9EBR3EFDzxBc_0nwnV4FjWhi7LPZH4n9nLkynhm0zBtwOC9lV40oeQzS9BRtaEQBaiLCPofWHWI3OeIPTHGhOgzG2xSQ1tv2oToupzqkuVrc6khwDwROVhgU4pU-9_wg_mwDhadHL1DNL0OSxUPNzChAjtxS-rU4jXkbQH-JOXcIDIOsLh6-ldtwcAJEYzYysNZR2AegSrylzTcnpBRr0MA9-QcbWp9fJTGRDf74hu2pDiTVjpakVU33Y3QOHgDmTjBZht26MJOjKQ1FzzJ41tERXTnG0KiPpjiSMd25swguN0qAxrn7rcVcKV9uZpEhPdm0OhLwpH3INR3HIc2J3xgOF5yin31hRSioCjqj3j1ulRkiNDiQGCTyFLuIknTNPdll7FbLiPdIoi1NZY8ml6YgSW7JFw5ut05AGT_WY07xuHXVxPngppWR1bEErL4_DMCPj5hoqVv1duYk5jWRCGnWiffriiXFCoPkDXKPD69AbquW543YTYU_Q3Tfcwym5j6SyFF2hJGoIxjnTVW6sW0s5n-khBSf_VuBYJqQOJ6iaL8n0jry4NktUnv6fNgeV8DWNDjeLvRpBSCh6h22bEbn5_n1Ey8XW6HP7H_d-vO1vtE4kewGvI_oNjPvD99E3ZkuD0ZKPGlD6nZchOjB6Ydtle1nFMKp4GptImpTOTBpG2o0MhJR38iCBFQ_MdfnM4FNNsu1y90-nZXd7rcoffQ1eFpwvzNqfbAlzzAs8TcXvqBipZX6uwM6mpDHnvqR6LAzERoi9zXouf2zHOu4clcxiCv6_sKM79Fs1C537lbPa9QCM0KfaowKzhhpPcFD5L7XjUIxuT0q7UK_8YCSc0pyh3t_voKnZRmuVeBKzVl9yu-XesJdXpyDAopjb4yKhPX2uoS-3hcLw-9F3Wx0B6y30dIduK9tsDNvR2ZCpUBlqbkm_o_LvcUf3ZRXZrMObKjCuiJzRq4vyUUtAa83C19fz-lbqPKFNit0QnYuCeH56R3cwiYZnbmHfxlkwnEi6nhVBigapYZpd67DsjvUIqAsXtUm6QpwDXMLEysSPgxY-fEmHiS3O2egvunLEThnejVG5AmXXvMxPF7fpr3lxXw-KYlArgCVXNNaHy4OLIJq1gzPMWa5HIczScKaxodasl6Qvj6ad8jBF85v_36dfrQBCG-5hUQiNOFS7sCC7mUYfsMJNcR_lXmAH33y4DZ1wlIIOFweWJx8jleWt2S9Ndm2WM4wnY3va0R-LA4jtTIyNs5MH7VizVxti8aahhNdmsDjaMDKNx-ScrgYeH_Q5It64SUYUw_BPev0jckJCNnJYyeqyrUbjHoE5E8QTh_sm6XjPABmg4wu32-3JhXq8A2ncBDouTBvwKI-Y0eLrKbSz7h_wwEY7x4M6CCZd5doEnCqulaLxt_PAOkbtLeKqS9rEpZmUUi2NNCtO-s_ETxUNaWWrx4Dbwg5s74hmDGgboAh5aaHNbMfqw7RFxxbZtnC0gbaD3gO_nTRwUbmgo1NEPjsUfttFAtjrB_EKt1TlH5vug4sTlyQTGWFi4g5HAnEtnvX5j4TzW1PkLblsQ8tp0F9HEBTKYMx2WPplIysuorWZPyPVdGcLcgyf2da6e35It0-df4T_RzZnp9SnPzGG832w3u4nqJGua0L22-u0GRUCOKh0OT3ouOntBwJ2Y_hcUgwWEPucXYFw0W7FaLmR7vklyGWBRc1NCFk9aKo2gvEFEzedfERD9SXbFYuo6WKXtx2LbfLzKo1c4YxsojpMqJx0SXPwOAmNJVPfBn5SMN0PxWgN7gxpbdlaU1TdiFMyqXOBrOLRtMIHwjP2KnQJFVeT80lWFVr5TGX8uBOnc6AAzIGUPMIg3v4AzgxJlEKFA09pq0_BNd2k-voym-3mxS_1ZauCMHBnMfjeOz0J_UP81oeaPRLlNFWwph20bUBQYskllbskUrSUG_e8RHAgWB5TRQe_bkZGBXR8w4bQ7w6K8d3duJcN-byICo3UKwhJ8zbqMMH8YkA9seGfoYaD-zmXeKlD8GKrhIziomiVDZ8Mkp2mT592B2DqxkYEMVxExdrInyzJiEr1MVaX_Zbz9_1OYpUfxCcPMsAqOZ9deKL_aGZTtKY0r2WMEdFfEZ56mLdUc6hdA34_uisVmC5rnKkXHKke-3pXC_HOrmtAUqaOqEzXfHec69QKLFxVihI200xNM70UKrqdlNExkvN_OK57Q8jvAkK4r2LPPjPcBhP_f48uHGCq2ChPM0TZ97L2HHvuL9gAoA1pD2aqSvZpVnUcQUhGqIeVjezw15hkQ31Z7nfAR3sAulIN5LwRRgdeWIWKPaEXHZpSCTT1H_W_U3s-Q-DMTwT1sbG-IJuoxEOmU2nDC0WzVolLqVgWZ1PZXS1h7WO3hqAR_T1aQwrYqEleQ-Nl8fNVfmhKMzWaAPrrk7tXS2Q76HBpDPuUEcElaxoG8unR6m83bQkAI-32mZ7qxMgARBPMLJ9YQvtrBDjMcrSNzTR4A6zd8Q0qkDpFXdG8BT2KgtPJSCaiRYrtNJkJz1se4sUTaxENHfeTZYwxdVQdSVEwIEKw4Up38J7oqJuGQEj4mOb_NPipbjubrlyD-yzwv45H8eVaBUzx85Jv1tJ-gPA-JWgCymyzebmf7awYmlZP_eti1aa0nKg49-hcq6danOruFmUcr0VKYHlr0HzRgM1A2uLHmgv1E918OXgjdnmTD4LCScb64I2dDtNffUIeQsgLaFb3kWlVnYUoiX1ZPPqThXmkq_e_wpqAOuRaV9Nb1b52UPxT2zY-XiyknLScbs5n0pAm8_uM315Fb-Vnj-7RG2s02Ky0aTUvqc3Lkk0kmUbx9yXEaIsuceD7ERYA29zESIX9TFllYaeQ2uGRqlc0KtH3B0l19y4XXDfUeX3QAnWL-ZTeFYvtLPrqFiR05hab_0LN9ZdWdKEyK8o6eoe7qE8PDnrCrZ0Pfqzv0SLxZeGS06ceTc82Fs6gN2XuUGxjN9VfvsD1nBENHg8RnOPQyL1bnKC6_hdomyiJygP62Qth7YbHCFlg4lXnbN3XIATyJGTpnpi4-Gdjv6y6qm5w8WByjCdS6OfaWKAuaVJOXgqwQSiz7ckxCCqbxM25crHjmAizhfYDO9_clXrI3bYur3pqoIO2OPzSpiToX1OebMIzc8z7OPmKSRsBTKW8zhnjFX8NDlzF640nko2BPQWmv-ejT6qi3EoAigmscGQbnoaZTTTLTvQ6abAGjcMrazIKtnQhZIOR00JAoTQR8UcEJiIhx4tsbHiZKhFE1sWjOJRU2eiyy4vPc3mKPijy6xfapKAfsHSzlHVQ62bjtIAvSKa4U0eRBUYucVCYjIbYeaxQ&cid=CAQSTwAvHhf_cBRI7OLw2Rosogfc0s-WZhqW1KrZk9672V27s54n_30fMu4GQHn8deeEdgh9F0W_P_3jXLKPXTcgq5rS6jasfF4j2J_M_UnzWH8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17201279820529598000&adk=2988274606&idt=133&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
73611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:44:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C55C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5WRoU5uasi5yrm90d7yYKEBNc3hd0ogmE40-wQwbISMlbD3SPK5NWjKWEX0qFW0kC2xA6HsJMIZeK-DvV-nGvk1DXV2Yv5MfuUitm4f0o8kuWdjkbPRBlcFMVfE0cSo0_bIFuwnmdLv2LUULz6J46oSljQNtUiibiSawVYWLc_BbWnY8&dbm_d=AKAmf-Bs_mupGoBNSyd8Yls2I_PYKojxceupMdgbJPxUxDYpTxg78kjZjyy_HNEBPQw8X-cSaQhNXLI_m-Twx-NGQDELL-tzFchpNDE6TEOIZ7Vo9LvKSKDMRFAi3u6C39TGUyiKIq01gtqglKgGAhy0Qqr1RAM6LDCnyR0i-0Sekz6GBvb1FOZdJGx1kswMODCgU1HRLFJqqeoZZPV6eIZ6lmAjUU31-93yrEAlW4uZj2WrankYrslPD431Jgq4qU9IkDwVE47hV81iu7GBe7RW_us57NryAWviaMrPX4-havQtDUHsD1Vn6LSPe5HhL7tGGLZBwXHOM9LrJ9daeNsK_R5kkfazqK8bPN7w-KGpSkWfxGJdHMusYEWMirTQEBEBi-h38M6kbhg4JQgblJWsN_ONgvq7efyGOs_zeOWU533veg0bkaPsdKxYo59MDe3HaQ7EOajnkej8oQ_7MKEXsmYElaoqMukC6jZ_rMqAXNuwkdQgtHqgqNDdEGFCr5nbrdSnJlwQ9Fc6dVsJKUueYdVB-0i67UKpyuIHNxwCXfrWFnbFZ9-KVDuSeYKj336gfqhpdPGw3zqVu2nBaoks92noFGUnd9OX_I2uT05Q0p2XX8wSnVvYnYCfIpUxFb8Y99cL0BgrrxqFfPeSCkDR9uTbOU2ztYfUm38y_rE1cV62uB_AoCBfIfQaWh38-VFThPSA23J8BUicq5NQGzGPuYD520NK_LdAx35yXtIpHvktnXju3MH0IvNAk9EBR3EFDzxBc_0nwnV4FjWhi7LPZH4n9nLkynhm0zBtwOC9lV40oeQzS9BRtaEQBaiLCPofWHWI3OeIPTHGhOgzG2xSQ1tv2oToupzqkuVrc6khwDwROVhgU4pU-9_wg_mwDhadHL1DNL0OSxUPNzChAjtxS-rU4jXkbQH-JOXcIDIOsLh6-ldtwcAJEYzYysNZR2AegSrylzTcnpBRr0MA9-QcbWp9fJTGRDf74hu2pDiTVjpakVU33Y3QOHgDmTjBZht26MJOjKQ1FzzJ41tERXTnG0KiPpjiSMd25swguN0qAxrn7rcVcKV9uZpEhPdm0OhLwpH3INR3HIc2J3xgOF5yin31hRSioCjqj3j1ulRkiNDiQGCTyFLuIknTNPdll7FbLiPdIoi1NZY8ml6YgSW7JFw5ut05AGT_WY07xuHXVxPngppWR1bEErL4_DMCPj5hoqVv1duYk5jWRCGnWiffriiXFCoPkDXKPD69AbquW543YTYU_Q3Tfcwym5j6SyFF2hJGoIxjnTVW6sW0s5n-khBSf_VuBYJqQOJ6iaL8n0jry4NktUnv6fNgeV8DWNDjeLvRpBSCh6h22bEbn5_n1Ey8XW6HP7H_d-vO1vtE4kewGvI_oNjPvD99E3ZkuD0ZKPGlD6nZchOjB6Ydtle1nFMKp4GptImpTOTBpG2o0MhJR38iCBFQ_MdfnM4FNNsu1y90-nZXd7rcoffQ1eFpwvzNqfbAlzzAs8TcXvqBipZX6uwM6mpDHnvqR6LAzERoi9zXouf2zHOu4clcxiCv6_sKM79Fs1C537lbPa9QCM0KfaowKzhhpPcFD5L7XjUIxuT0q7UK_8YCSc0pyh3t_voKnZRmuVeBKzVl9yu-XesJdXpyDAopjb4yKhPX2uoS-3hcLw-9F3Wx0B6y30dIduK9tsDNvR2ZCpUBlqbkm_o_LvcUf3ZRXZrMObKjCuiJzRq4vyUUtAa83C19fz-lbqPKFNit0QnYuCeH56R3cwiYZnbmHfxlkwnEi6nhVBigapYZpd67DsjvUIqAsXtUm6QpwDXMLEysSPgxY-fEmHiS3O2egvunLEThnejVG5AmXXvMxPF7fpr3lxXw-KYlArgCVXNNaHy4OLIJq1gzPMWa5HIczScKaxodasl6Qvj6ad8jBF85v_36dfrQBCG-5hUQiNOFS7sCC7mUYfsMJNcR_lXmAH33y4DZ1wlIIOFweWJx8jleWt2S9Ndm2WM4wnY3va0R-LA4jtTIyNs5MH7VizVxti8aahhNdmsDjaMDKNx-ScrgYeH_Q5It64SUYUw_BPev0jckJCNnJYyeqyrUbjHoE5E8QTh_sm6XjPABmg4wu32-3JhXq8A2ncBDouTBvwKI-Y0eLrKbSz7h_wwEY7x4M6CCZd5doEnCqulaLxt_PAOkbtLeKqS9rEpZmUUi2NNCtO-s_ETxUNaWWrx4Dbwg5s74hmDGgboAh5aaHNbMfqw7RFxxbZtnC0gbaD3gO_nTRwUbmgo1NEPjsUfttFAtjrB_EKt1TlH5vug4sTlyQTGWFi4g5HAnEtnvX5j4TzW1PkLblsQ8tp0F9HEBTKYMx2WPplIysuorWZPyPVdGcLcgyf2da6e35It0-df4T_RzZnp9SnPzGG832w3u4nqJGua0L22-u0GRUCOKh0OT3ouOntBwJ2Y_hcUgwWEPucXYFw0W7FaLmR7vklyGWBRc1NCFk9aKo2gvEFEzedfERD9SXbFYuo6WKXtx2LbfLzKo1c4YxsojpMqJx0SXPwOAmNJVPfBn5SMN0PxWgN7gxpbdlaU1TdiFMyqXOBrOLRtMIHwjP2KnQJFVeT80lWFVr5TGX8uBOnc6AAzIGUPMIg3v4AzgxJlEKFA09pq0_BNd2k-voym-3mxS_1ZauCMHBnMfjeOz0J_UP81oeaPRLlNFWwph20bUBQYskllbskUrSUG_e8RHAgWB5TRQe_bkZGBXR8w4bQ7w6K8d3duJcN-byICo3UKwhJ8zbqMMH8YkA9seGfoYaD-zmXeKlD8GKrhIziomiVDZ8Mkp2mT592B2DqxkYEMVxExdrInyzJiEr1MVaX_Zbz9_1OYpUfxCcPMsAqOZ9deKL_aGZTtKY0r2WMEdFfEZ56mLdUc6hdA34_uisVmC5rnKkXHKke-3pXC_HOrmtAUqaOqEzXfHec69QKLFxVihI200xNM70UKrqdlNExkvN_OK57Q8jvAkK4r2LPPjPcBhP_f48uHGCq2ChPM0TZ97L2HHvuL9gAoA1pD2aqSvZpVnUcQUhGqIeVjezw15hkQ31Z7nfAR3sAulIN5LwRRgdeWIWKPaEXHZpSCTT1H_W_U3s-Q-DMTwT1sbG-IJuoxEOmU2nDC0WzVolLqVgWZ1PZXS1h7WO3hqAR_T1aQwrYqEleQ-Nl8fNVfmhKMzWaAPrrk7tXS2Q76HBpDPuUEcElaxoG8unR6m83bQkAI-32mZ7qxMgARBPMLJ9YQvtrBDjMcrSNzTR4A6zd8Q0qkDpFXdG8BT2KgtPJSCaiRYrtNJkJz1se4sUTaxENHfeTZYwxdVQdSVEwIEKw4Up38J7oqJuGQEj4mOb_NPipbjubrlyD-yzwv45H8eVaBUzx85Jv1tJ-gPA-JWgCymyzebmf7awYmlZP_eti1aa0nKg49-hcq6danOruFmUcr0VKYHlr0HzRgM1A2uLHmgv1E918OXgjdnmTD4LCScb64I2dDtNffUIeQsgLaFb3kWlVnYUoiX1ZPPqThXmkq_e_wpqAOuRaV9Nb1b52UPxT2zY-XiyknLScbs5n0pAm8_uM315Fb-Vnj-7RG2s02Ky0aTUvqc3Lkk0kmUbx9yXEaIsuceD7ERYA29zESIX9TFllYaeQ2uGRqlc0KtH3B0l19y4XXDfUeX3QAnWL-ZTeFYvtLPrqFiR05hab_0LN9ZdWdKEyK8o6eoe7qE8PDnrCrZ0Pfqzv0SLxZeGS06ceTc82Fs6gN2XuUGxjN9VfvsD1nBENHg8RnOPQyL1bnKC6_hdomyiJygP62Qth7YbHCFlg4lXnbN3XIATyJGTpnpi4-Gdjv6y6qm5w8WByjCdS6OfaWKAuaVJOXgqwQSiz7ckxCCqbxM25crHjmAizhfYDO9_clXrI3bYur3pqoIO2OPzSpiToX1OebMIzc8z7OPmKSRsBTKW8zhnjFX8NDlzF640nko2BPQWmv-ejT6qi3EoAigmscGQbnoaZTTTLTvQ6abAGjcMrazIKtnQhZIOR00JAoTQR8UcEJiIhx4tsbHiZKhFE1sWjOJRU2eiyy4vPc3mKPijy6xfapKAfsHSzlHVQ62bjtIAvSKa4U0eRBUYucVCYjIbYeaxQ&cid=CAQSTwAvHhf_cBRI7OLw2Rosogfc0s-WZhqW1KrZk9672V27s54n_30fMu4GQHn8deeEdgh9F0W_P_3jXLKPXTcgq5rS6jasfF4j2J_M_UnzWH8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17201279820529598000&adk=2988274606&idt=133&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
59229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 01:43:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C55C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
188503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:49:16 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 082E 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbb53c0d88b880c417229e8d5796510c4ba60ee6df61b9bad86054b8b9f6bf77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 082E 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:09:16 GMT
x-content-type-options
nosniff
age
103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 18:24:16 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 28 Dec 2023 18:10:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 082E 		88 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86e3f471be2bcdec677c4227dab41bc5ec875268f3b75c4458ce6bbf77b922d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41094
x-xss-protection
0
remote.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 082E 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
294404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33735
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:15 GMT
sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
www.google.com/js/th/ Frame 082E 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:34:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
560170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19840
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Dec 2024 06:34:49 GMT
maxresdefault.jpg
i.ytimg.com/vi/OZjWSxbEh4Y/ Frame 082E 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/OZjWSxbEh4Y/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f827c6fcb8de7959f04b6ba8453eaea3062c8178ddbd12244117dc45372d8efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139465
x-xss-protection
0
server
sffe
etag
"1678177463"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 28 Dec 2023 20:10:59 GMT
truncated
/ Frame 082E 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZRsdJK0d2gK_QaYY_PHEbkXX5y6b0A9r9LlFoHF=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 082E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZRsdJK0d2gK_QaYY_PHEbkXX5y6b0A9r9LlFoHF=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f03055875414ccf6af72ab977c7d6e3d6ddf2cbcec55c14441a68be13a894575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:29:03 GMT
x-content-type-options
nosniff
age
6116
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1429
x-xss-protection
0
server
fife
etag
"v58"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 29 Dec 2023 16:29:03 GMT
truncated
/ Frame A951 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
851503e2982486034cdd7abff85744944a29e3d7d61317af2297682507a7698e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 082E 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:31:09 GMT
x-content-type-options
nosniff
age
513590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5224
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 19:31:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A951 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssar_7zSqiKAM71QEw2EvKIvzt27lOD7d1FDyx-NOV3Hoe3eTXrAEq8vJ6UJEndzHKCrjPDSuGh_D9yzwn7D6hdpM6Xj7fBBVGdxyxKLiXJsmK7u3zL12sREtQGc3rSUA3BE5rE4Ls8S2fL_Jxab-c5vwJWggU-98FqLGTYCatNwqzVBouHmqm9_Q0NfV3RbYRqZasAbEM5ihemLp2p7daNAJH7pJ_h5GMFdTEWX2g7nPl1KJSfvtyM6pIEScL2DiH32Ve2nsyGsu-Erpg8Xi8BWGPzFHz7RZlh53VmxjCz7LfPlIAsFxX69MmvkYHLRn1ZFQdsXhy4sPFP9pU-cut9bJsrkRM-GNBDRx-_xtjjJZ_KSuFhi9Lb7_PLeRth7TNVclizcgwO62FFMxF2Fga-ql44C-hZjF5lgiPYQPrh3LcVbQf37iD-SNqrj9lipi2d3BJLy0666Fz3N9ImypLQeQN4BPz8IH7L5fFQwPQ6ppIbgtZaUpEiWJX6TMUpO6g-oazYXzgBf-j1TgUqS9VvZoFAJuZw3tD-Z6ySKGv2EXfn8PflLDDKbeLQFSIZs5vuYd1LIORoZUfBd-NZ6zBPvTRXwVbNyhA3NL3A3SDJHQSnQDPGXIfY-QSQyKxsBcDZU36d_tHrcHDDx5iwVP_y5WtgjwlIcpO6wqdQCftGyCIoRIU4JuEz8UZIk_M117XUvwYBRsBZTMBvsjJV_ltLNoo5VTOQogQ5xaYekIpIvWsUiqd2GwfmYjGnzexQde-znCOp-kdniocWkp9BGWiH3T8I9jC1khUoWmdgYYtzb_m4-PjHULCvnldXJ6unK7_QU-GukjJO79p_PtQ5fcJ1GKjyxj8n7XvRnpHBT1X8wEo6gGFHSSL9xsq3b1a9baZViSdG24qFl8J5zavExBbkS0dxn0UqfgrFbURbiV8Zhh-S-uLdm3l8bW0_t94m6rooTvLbLcNOFO71pR9GSMlKQNEHHhGOyPwEAH3J_NNUCz_mNlNzAlfNNsh-lbsWea5HKaZGysjGzFirPdP1AdEokWB3aimOrefkm_vLeS2nqtVHelXb6IqOM9atRlj-3inOHGUsbfVcai2InU-ofweYR6eLCy_yWjZjVQ7ebg_Ch5tjlAK1EXloHi7WwT-uZAGHulBeNIRkDdPQwb28pFYRWZ_RFSXwqZ3XssodlrvPHhxZtGHcZKgANsQ_VnEyZHIHnj-Qo-AnwcbSgw-hzoIk1UCEBdERzsYzfIqZHh8QCeUUdwnrWhKCrTfVmCMphhuWvtBQTqrN6zRPNjlhLmYthxrnmgKyKU4kH8GrK8uBWcttrB8xApTm_MGGd2QrXy5PIaYYu4Jq5tku_4aRPNGboo8ekzo36lAQw&sai=AMfl-YSgadrEEbx5f7kenbklP4097cd6mqdJq5ydhutl_pn4ALPM6TDuJLtVoEuMUj6byliIXncRm4KeLSO8b7yE2X2YN8cx6hVXMXw-tme7gQwJi3o6mnbWxXCWID8yfchlP5XTcdz-PYzoUMTWYCzI1yLIPk9mzFo87sOPv1_9bwjz2b_Ip_63D26ZiZbBecmPRi1fVLSd-wJWIklgV8biaepoN4kTtNc1V6V5hGD0TJwC7ml6G4LTpwtBpNFZ5Dch0n-bBBF-5Xs3TGeWfYoaBWpVoB-7IYvJe1p4Z9B8f9qnDMhaxN8du0BWQe7ZZvg5Xws7OCvq2SqU28_HypvOINFr71PnYalp8NcrPKMprxrZLiFJDGvuoXeBLHVgdzFdRxgrfPiEKN1PTbIH-uyoVgO4zgT4y6ir5HDH1EP3UlG5ZCf0dDJ6lVolRcPMOw0gjot8Yl61O-pGNjVXxxneEnWMhKtAiCGAM1WxAoSCXeuF7vIu8riGMPTAAVuvoA&sig=Cg0ArKJSzGHLhvD6QCWUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=422&cbvp=2&dett=2&cstd=1&cisv=r20231207.44958&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=84452&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf16-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=84455&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502814-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=88525&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 18 Feb 2023 00:49:41 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"63f020a5-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=69941&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502814-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=84453&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e1b-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&ppgid=86d67b6c&cb=2847527083
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e1b-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=84456&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502814-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=84454&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 18 Feb 2023 00:49:41 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"63f020a5-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
t.6sc.co/ Frame A951 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&mcid=93937&cb=2847527083&pid=194902594&cid=29147346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 18:11:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502814-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 89AA 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
208849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 08:10:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DB1E 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVqu918JJLthcXDg781G6FzKtP3u-j9H_bBaoO6lvSohd9a5YkBrFLWzt940D9YFpaQueTxJ7PNWC5WUNjBtaX0mJ93iw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:10:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E2FF 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
adition.js
imagesrv.adition.com/js/ Frame E2FF 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:00:03 GMT
etag
"3305548861-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8362
js
ad4.adfarm1.adition.com/ Frame E2FF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2_vIdPH1l-nVEdq24u-aOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU_QeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h-c_t1kMnQ2M3Dvjz3c4hcWhOcD_u0KLbwO2Kml0KsK5J9eXMnhLWRILI-FyCUp_IOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY-jpq9msRH-8-aEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF_PS4gU2QBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE-3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPAAvHhf_xgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB&sig=AOD64_0gzcqfdSyluObp4JZb0s3jC1j1uw&client=ca-pub-9927393713550282&dbm_c=AKAmf-A_8xfA9BGAgyhf1VqcgWnAB-wN5HiXXxpgbavMNm-gvrOp_GjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S-urdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa-eMlgLfhF45zwvI&cry=1&dbm_d=AKAmf-DyFVnZHp3XtMLgtVbEch2m-zKzlM8vWH_5rza0ghrL3NXO6z-GoVGYvH_Bq0_CvWuwSS4RX4la99I9-DdV4ENCrPLaAEMxqk34hdmoSioB_BmWxHVyUYPJc9yewcucGdPHQMsmMEOPng_lvPmE37hZ-Zoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH-GEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99-uY3yj90vVcWG_pEdnzBi01e_c6r2E9tMUyOnAhiorbDfrexE2BODV56_FieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm-pVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH_J6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo-yR6bM4tTNgLWbrWBb8vAWu1duTc&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
6250ccbcd62c9edbc0e9cc8a39ae7c3a5afd7705d129bae6cec75df738fac01e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Thu, 28 Dec 2023 19:10:59 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E2FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E2FF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
74470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
l
www.google.com/ads/measurement/ Frame E2FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD9-EK8xUbxcyymzyyRM5K_nWFcZUZsg4sHJLaq8w09c6IVAL6xca_Bbxe-9xG1zSdnb7DXBbuSe2xwAOFUxrwxpk-Ug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E2FF 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:10:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2FF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0OAr6DLgolKD6GwEyOoOe4ibz2u8G_TQlUejvyjcQXxREq3H8IBYlvMX7PYZvpC7nC3o6USHBlYczHL89eYw9n3qSW38G1TCUZzyY0yng-Bgb8IU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5655 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
186620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 14:20:39 GMT
expires
Wed, 25 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/17710475751055165328/ Frame 4534 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae7373574a9f4b6ebd1f5d141724b50d43e799671709339bdb39e30a8a0b3a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
191136
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3096
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 13:05:23 GMT
expires
Wed, 25 Dec 2024 13:05:23 GMT
last-modified
Tue, 12 Dec 2023 10:28:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C55C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssr-jEMVwSMTpADR34NSaPVYv0h7QZshKsv-Nah5DHgoEN-BXcJnPMfYcWMvUi4NGAErszLi2Hnxacvp-DDcuP3soUHjJ3mEcyWG9GFnEeu8C4_LihvqumKe-gXZ4HYejUBfHeUqBQcfuYzvGk4LOZNNpuEurnJPkgdjQP3JlqTcw1XMUgav415o8TrTNColp1Utzy1Tp3-DE1zo-y-Vl2xsjH4zg-0AZqE8Ei1jZaYd8fuqeX46CI21NbJoXt1oK1RVphztek6t2NNjCAynv0E06kwlIMwjoyHcsKq-XAI0TddXCAfYY0fXFJimKgKakX4rG3WBiCXEdv8ZurtGLf5TaO-25CTKQ4-BHCPPt0KxVbmBeLdLeKmpC0FAMLDIlkmJSRRh1SzbdHEyj1PILiwkTHCSWOJ1zN5VJ2BA9ZJw0I7eYFEMxjWbvGoWA5muMeARgnv4jdv8HxsLW7g1I-GIx3K2rxz_3J9tYYnaOmx7nkjYtkZEMu0DAIV7u1FN8CWegOZqcv-5duKt2-oltUimoQExclxV371JF04J15ILZLRsGHzqSM_1eyvceWe3-eawzAmGKxB22mJJ7by3CgwkOYACcNRoQMX_oEEqhmSo4jmQNxKrtwChqQkeaLGAMzLCPI44RFwDvTVgic4fckXLGKzEzpGIzckQvknEpyjVRQ5c7IhT_rOXHxbmBiBlv-tUu7SGD1rXMj7HzPXgj4WjPRqxJuFJGGe-fSvLd0GfFyIn-XO8f_KDEN8VGkzd6HMbAI_oGWC28_TnCrd4czd4SAhLRB05_HsDYWh4gEeEuZbPArHEu3YUjQqOF5xwoQEZ471owxneDqRME8jAvfkqUyEo7pmz8j66URo1aJMDAeKzWNpVwuKonOKp9a97-2_ymvOY3Sj6ovps3WgSKTre03zFhsz3ZWCvWOs7bkERD0fGguOza_Y_Y8VBR2SmqngnNbc72uIXWp6DTmcdiCmuw95C1ewUOhV2xsDhu8-e9JGLg1JkknMKEhbWKGjQhoR8mh8sgZiXDE9InzfMxxkATDfO8DYQIkoPyrfo1Xsb2KkMm7hUXcIXJZk2LAKf_bmoFLPhb_ow41lzE5M-MBf7X8GL7X8oqXsz1dpsofd5ByvIr9ZzWjMmyrk-rjvbIh7hJJ2a9RrviZtjPPJgakpTrDaLJl1cR9NF4d5vALwdCdDtJvCu2xzNlrCW86Mo2I8OLSDYaF4ErjOi6ewLLhfmS568WIt_47HE_Lo27rNrlJ9kb6H6GTJiDICkI5w-gaw77KP48Ofrr3krKupG3KwB04hfOD-i5smiLU9jvVxlKUi1VpLoVfPlsRmDTiwHmiXyFhHfR8IBYoNrqL9yILa7je937eskubmZpF9jhvM--KH53EmzSzLEpKUG_EBJ6x_ZD37EVA&sai=AMfl-YTJ0aO4m3DHn9vtGY_E8Vrnhl71FXqq8lHXTbFks2ZU_NDmw8fWumlSAghQZ1M4wwcMCoewcmua5rGIwq_sdb8mi3HtD5lkJ4zEnfB9P_r0PzeaL-xaCX3HowOWxF6RwlHRTsp1oXlFMM-nuXMMA4Ybi3VACWDF0soywkgOhe8Tw34ZdfRfdzX3S7PBgexX2SEBZyDSyMm-DJE2z3A_0VVKTtvDEWJMUhblbB7xadMwdzaZxMe8S7ijOCp_jMGSCzzvRuJ5dLRoi2nODLm2PYk0ftvEeKbq4Dr21ZMtrQ&sig=Cg0ArKJSzABJkdsxXmBtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=153&cisv=r20231207.26753&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 28 Dec 2023 18:10:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 128F 		436 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=3396172996&adf=1356298493&pi=t.aa~a.4146970678~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059262&bpp=1&bdt=2357&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb92e3c60995ce02%3AT%3D1703787058%3ART%3D1703787058%3AS%3DALNI_MYasj_kBtplPDu8_G4h9hfkeknCMA&gpic=UID%3D00000d2eef2d12c8%3AT%3D1703787058%3ART%3D1703787058%3AS%3DALNI_MZw9KVo1QjegRp1fxoW7sSMIzTArg&prev_fmts=0x0%2C360x280%2C1200x280%2C1200x280%2C1600x1200%2C160x600%2C160x600&nras=8&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&psts=AOrYGsk75eCS0IrNhMcKJF9Uh6AYSB7LqiyvyRIKhAlVE7M03xPWRc3gpXhD0Mcyu5vVRz_DRvLXCNhLwnRPCWC5JaczkYsXGzzIEadpY8K31fN72ZBJAQ&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=6&fsb=1&dtd=614
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c4fdaa68e77aa16ff51257f69ff8f8301279478ffdbb37f380591c621f1f4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://owo.vn/neu-ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 18:11:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 082E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 18:10:59 GMT
generate_204
www.youtube.com/ Frame 082E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?G7CdQA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/OZjWSxbEh4Y?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:10:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 28 Dec 2023 18:11:00 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 082E 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e13ee2954e5216e60826ca1c89443bd2c21a11014839911b0bf7c00bf5272b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4534 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 18:11:00 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4534 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 18:11:00 GMT
index.js
s0.2mdn.net/sadbundle/17710475751055165328/ Frame 4534 		121 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17710475751055165328/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffdbd584d26f1cafa722b9796b27b77c0970a405ae30440a8eb60c5fd275be8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 13:05:23 GMT
date
Tue, 26 Dec 2023 13:05:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191137
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28250
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:28:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
cm.g.doubleclick.net/ Frame DB1E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVqu918JJLthcXDg781G6FzKtP3u-j9H_bBaoO6lvSohd9a5YkBrFLWzt940D9YFpaQueTxJ7PNWC5WUNjBtaX0mJ93iw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DB1E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVqu918JJLthcXDg781G6FzKtP3u-j9H_bBaoO6lvSohd9a5YkBrFLWzt940D9YFpaQueTxJ7PNWC5WUNjBtaX0mJ93iw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqLmk40cT265kxP5bnQrX9o05fsflDM9rx11I3wZfnP%2FkNPIcN7zPycKR5PWAkb2TeiasAgDS1uU8UHrYaSSKFIQGtjBbuipnpcbRCdUX3iGvefbGG9tzKZu%2FfaNMFdeRWNzSYP%2Fk3v3Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc3655d803666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DB1E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY26MxKMFqBZJe8SHS.bfQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVqu918JJLthcXDg781G6FzKtP3u-j9H_bBaoO6lvSohd9a5YkBrFLWzt940D9YFpaQueTxJ7PNWC5WUNjBtaX0mJ93iw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3lSGVLzULMNhHSbomVOdsKuoj%2FtsaMP8taWAZDUEVDg4G5wML%2FyQ8mBhlO40MkwoWmztqp85evFanPlnr0to28KiZmtrmXv7QFStKwGQh77THMdAGwtSZvfXyeSL%2F6EsYZ0kUM7XC5SZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83cbc365bdff3666-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2km1QU0BgIzDyafa84Unk&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E09F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw0wkMrqNZZ_eIO-RvcAPnJm-yAEAAAAAOAHgBAI&bg=!Q0ClQA_NAAY3kmNgF5I7ADQBe5WfOKG7l6NLJ99jQnXWxi-WRGfbEa3LnfdFEoJQ7BVmv6L9-7jdNYIp0RJYY9OAUhW8AgAAANlSAAAAAmgBB5kC45rTqBWSt7sr8ggtgAEqAjiSXhdPuAVZnRMyJNoel9RwRZPRUQp3qyO4It5t25n4BmaWEjP6Y7Qa6Cv5XoZvz0Pb8RykGxI6JyYfnp6f4jWXzbFWNPwp5th5huiZDh-FtQweMI_3kRC-t51BVHEuSK9xCRWy9eFKItRyiy20HR1-S_QXx4f1Vmu-fOVIq0aQaHLh3DpeRrlbXHUl4Nk9xVr17yRPHC2ZXsj7j5NQ3fRJ2444rkHjLedUmavi64E5vb7xWjnXY19RFP3IqNpwZuaUPT_j-CZ-aI2KQcNx6-UCYr5Z73VdphoayUFEcvcjKcXebYVgaWJfz8XLtIJzzAU9jI1Yuh5cNYH0cUx8EjgZgzRGtDcL3Ay-LzYImNr4b9XMQMTFzsHExljh2DsSOeBj8RJMCYlIZIqu6SFwnT25e608ob9QVartU345kUrH_C1ncqBVWhKMj0AebBfeZ2zturuP0crdEIgujwuRagmdHqzam2eJm6iR_EtKjdUW4m0n6UQ0G5TKPARsa6SwSOBDvKLiAkPAMSa0FikgiyA9J5GdRqriL-sEra9J0-X1e6AcW93m4UPCcveq_dqAO_HmUTEUI6sphJ1hGlwFTJnF7oXslY8fO77ZuL2TtcR7XIYkKUaXCegP8Sh0boMB9fB6MZ3agnthJB0CcNADtL35E6dtSY6t9aUWSItGY-Vd_cmNVvH1MT9LNe7tsrvYvJJ1Lj-v36jIPA8D00eIswiY504hsC3rgV7Esmf2Z0C2zERovTuPCwtgIJv1zvzlgTk-YoQzXekejwdCjXpiN-l248E45KE_3w40MfH-hqPIM9xDUUtj6pO3RDPfpGyAl01HAkgQ7mzjz47v6aCbWbHAMPw6d_h08b7g0k5Ie0WyRwd-HCUTbpcP2wFzdHzCVafd1r830miiM4iXe4c5aYpgnhgztm2HGpRL_Sg5y-QDJhpwi17kQYiCkGYPfiYv-8KU_NA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame C55C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1860407/77125228/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015316818&ias_pubId=pub-9927393713550282&ias_chanId=1&ias_placementId=20821599578&bidurl=ht...
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_M7qNZbuEJ96RjuwPvpai2AM&cbFunctionName=goog_wrapCb_M7qNZbuEJ96RjuwPvpai2AM&true_pb=https%3A%2F%2F...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_M7qNZbuEJ96RjuwPvpai2AM&cbFunctionName=goog_wrapCb_M7qNZbuEJ96RjuwPvpai2AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:20ab:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 01:02:50 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 e1ffe469ec59bbd0f64b14eb9c83d0d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
493690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
6R6Ta-ATe7S1Y8p3UfbgsyO0vqnWCzo6ViTpGhGHWmnolyVW5CZ4fw==

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_M7qNZbuEJ96RjuwPvpai2AM&cbFunctionName=goog_wrapCb_M7qNZbuEJ96RjuwPvpai2AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 30E7 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 e1ffe469ec59bbd0f64b14eb9c83d0d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
10577032
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
K-J50gHSadLiyXeQi1hRhrOq2eUeT3Rh6an2ywlcE9COVpNyQ_3cUQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2FF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2754550091870&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2FF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2754550091870&version=m202309260101&ct=77&x=1&cor=17726378969594253000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E2FF 		34 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGGkY0oxV9dCqA8Ntdhuf7t-yQ4SDO4i8gUi4q-0JvWDbHMWIYeUfdgd43ct2gSCVNA3xbOX-ZXVMVlptzk2TT0IPFmGFGOqgs7YqgM88t9y7RgL9zrqksS0HiEWkHJfXgCBM44kGnAR_vrmeE-AYGS_xQyvmucYvTX9pOyFFZT2RWVI&cry=1&dbm_d=AKAmf-AOC_94CK4TM3K0p30F3Net31grBaYzJyE81IhdYpCUuotAuFRqETBcpyBQWWWvO1UtrMDWhO3wK70SPpgEH4-tW1yLRCW32uENTES9R8_k7NOC-KSlgEHp7NAwgmu3aZ2bqsKslEDD8Sx9k559ic5hOPQd8pBWE_gox7BmvhWciFO6AVtPrhIBUiOMs4TtqeR5rNGUOntPjxq1QYtRx9dda_g80ZdsMIEHyI_aVrRRD67OeI542Nk-HHvqYozcP7SPdXkkNbIebA1zocNG6_9QyshPEU3JXNNjmdSdLwk7Ko2anN4o4DmdlJ4ukxNJL8BWWq4N9RnQWhA_qRll70AdFjhwar1NEOvlRwVnYMubR0lPt1_WJkYwCZTbSegD887DqK7bklPqHtaVFEoXPydXwl9tGBtzgjti-B1E67Df7yz5cdtyA-TnLqe9aIg0eQKUXklkksrs8qSGQyNvVH2uRt8TJl3SvAFvJrRs_Bp8eoC4aYkleVF0NW4ofisyhno1ASyhfaiXmF-vtf7U-ZsgrwqVgfudkUg-YFBbFy5mwI8nyrNfNcdhSFLrFDGL1xKY703cxa8eUB0CsjtZGyJINms59q6MKsPZ-l-yykfIE67wa1AmlLhRpFqHin2R8H8QQPs30Bysr1TkUumpw3N-msqmMcNR39Vbb_Qr7HSXpeXb79EEy2fowjspNFjC9XLKIKlFiYqN5NR3PxwiitVNcha1OxH6W4C9kAiFuqKdLPI6hxWFBTEJCc2GY3xOMLKJz5MjblVSu-wVatcTRHBODMYPD-BwVfnlAMgQmU43fNZd8xGWVk9EGOAhUsw-2hJRyo3qpkjhUiucux5zZZ7RuTTMaXP504iVpViRrk7ISTVdTwhCuEgTSAE8Q9lqmKeBw_HZcFvrDrk0Q5eg9OlnWzvjWC4VoA5nInDNhK7QcN7dN3YPfnaLcC1zNSlO7HB6BwG_zUfdou9QXT0hcrTZFdxJEwCPwJU3agOmjbdfHJAuamFH_soUkG7X73HP4eIh1wTTbDuS5gcacR-8jzYx4jKoQzTVAS68W5t9PLkmaYPLSTrIaBI0TAfCG-64ufLARy5pQeIGau5Z0d93g7cVlJZ_yF1bCsuQDej9HWozoLHmSzR6kBnQ3nMQvC3IYwXp8s-5TUxKsY3SS2ZcaJmOFciLTzxscYaV7nfnWTgPQq7MpVwTvkDpNgPF2BxqpEcwHcLevioY_IPtNyMtkWu2EDtwSu5PKVlwQRt-kta_1cjF0y01OzpTWrVBdLFqOaNmGJPxu7pKdQBai5cFRhap8Y7rEXXJDa4kWfgy-oHOA99GgJSB2N1t4PSHTH7l7B85RUlIE6hGsmViMBo6TEMpqw68C_lZp1UekXNQ72nL7oqxwxV2S7W3db8gjjj41X6SnXbhBkoNJXVwGNz8BcX5ZHNdZr8Cup23r-xKwZL1pwHMIQzGNL7HOXod4cIx1cwtXFDMf2X7ghdjitVCVuBFhPbhTUCjWzJONeagH6Nat_Gr8QVpQvE93CVvUG6gqXmmSCb7FtLrQbMwZGHCWjlomHNClwlyufO7B10HEvSnRAHLqmow_EPQ7elfRWj2uzr_z2M3o_2nuRcfAZ7u671IMKe7S889y6SgJIM4d6zeM017UFi2XlR35bNpll41B7fzZV9YNqHe1RXvFQkTXZ5doOPwwzbnRj4bq7rDXfs2qmhKdpd1RxfMXq1IRucIaGmkXRG4ajopBjQ21nhdVpjX9EMNUjJAU45Bj4QRPP8RFRO7IRa4Vg1ngxopqAwnRokxP2mgMJ72MwE_gedEtHGqsMwD-jZDvBHLg4uM7OLSNx0jwRauhcDnUy9gqwrtAvTLRkCtunAGoJc4JmpbCllRrA1Nl0PzxUmNAlNWZuYg0WzJYAlxp_vttQKhCEeNxLkGirs7OzqCL5PwukpX-xMCRFEUugz-EPxqAyNXvf8xAbciCgn6x-QQJfzbgMm8rBKGWX8XVe-qSg3wzvUiYrvfS4IauTgwdV0LRMmllzP43YOphwtifvQ-vETMJIwoAu_T7LBBvdUwYOx6FLkfweebPqfDVllCWzPll0bd-1wIv_AO05LFyTb3rS98k9RROI2L-VrGviFDPGWjhAF7aGT4n_31nyc7p3ys-H3e97Z5PK9w9IAWD6zAfSuLC4KlPDwtprpswUrtHjsWFUaHRIKoQVfB86vKYaFd1cA8T_e62P2SJJ1dSISpl7lyBN6-L9C7zb2GZEf74x7lRdU8KGTXHt7oqmbnOOopgbxCDRmxBbq4mTc8a3jP9Xe_slWPFKKeoehUN_CjzVDDNze51CyW4XfbEZdBlL2iKxxStm52I9Te-OQQn844BuWvsy6RBjFNUHBVfaFCeGXaFT9qN7JpImRIvNeXAEsWC-F5Cc8rkbyr_5DVz2Ph-aOeKLltVS502lYjYUH8EY1lsMw7_2Kv6yVXjNGRxKYbKqAnpW-bV2q_HTcBRAlp4QukfA9sZIO1aXriZkGpAbNhQft7RJGUpM-W82jFkMldVtAm_hlQeW1JwsVwzW1QgiU18tgAoWmhpXZPqSnlo7IovJ6uEoa2IT3ztF5JKJH4zFMOxaFXggSx-omODd-ju4p62sSJ55SUczKx4gBor-Qie5NcBT37jYWxYTbOV_2HlVaqd0-KaKnQ_qnE45jnAT75PD2DocrMe-ZJhB-_eOTgSLoMV494-gLHzS1ukwzV-79GHcPc0dnzdewF-GPvIkbAoCjm1XsJ2y8NU-iXEIMHnflGx3YdkdK8tCnXxPYgp5nbMipJQp-Cgi2AyflJTYVVrO3MqjbCkk0aF-x9oTajszvf-9rFnbZflzRRqkiUNOWz8kZGmi4p58roYQxGKOVhz9ItwUSQWiwT2qqozJ854dBEEzLaOv-fsjexNinIMFelje01pnxZw1--1YVwYF-we0PV0ZsPC1s95UmgbWffMNgwXalysqChf7h95dfQxNVh-6PKX25L4OOkDGDgQRg5BRblyR3s0sxSSP9gPgboh0BP6R6ADxe67dHvCkMiN6N0rPLGxIhmexcAbrivO2M-IyrYnH57OOtcV9LbqsZL1lNVnisrkvMibXPe00dwBKpjn_CTBXVaXKfP3WEmJ0xrR_Jca4t6bFiYCEiIBZ18XsYl7fcVMMB1Zfy16nAjIJJGoIxTuyaHUrFTcWEwhCUKMY3t23OGetx9l_1U91L4NBVZp8fTuNUteM8IUmjZelfRh3eK3rOtTpF8FGU8gYOhjIKmQBeTctCrZCf7J16fc3_v7qxucra-k-vmHLDkex2-BrX9dROcHD9Ugj5h66x-a_v9CmNu7H515l02Zf5mr92oPg9xa1IVUHKIzcdthRwIVl9DcTH6AzxFg-uMJVM9E1S1wLXYytb3CaFuuReXfd-nw8xvBCgwHbkk-CjQn9VfeqnhkfOw-QWK1ffs57D-jvDuQNPyEV1jrefyYTYCtc01-_fcHtfaJZaplDyjVNVO4MoZ5S566FQEDWJ96_vsa59536bwwVcVF3oQhnV5rCpIRcfJ4EtukmupNO410AlugFDXyc54CEPbLheHavUtvZrBpO3CzXNw3Tvo1sz0eJ0X41DE8Kg3NIHC3c3rResK7l81FucId6T_CsSm905xhPSGkBldrS1jN9h2-XDn7UR_Y4EiNLQ6fe_Bzo50qz8Pop1VDRJGL9nofbfgZU1sQBt1TyI5sJ2nIMavNedMU9bL4eZrfeGXOUTPT3yavSWmM-Vqcie1P_d8OkW-XC_hRI5YEFnXboGBQtanWtIwTmoyfeyG5wPrrld0y3LDryuD7gq-_m3KN9JebEXFnh5pPhXffM4mqAgcq2DPFMuDc_DOiTZXvemE8pvpPMHNR8AgctaA8oasi3tghkIBo_gkKBg_raoRoZjo&cid=CAQSPAAvHhf_xgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17726378969594253000&adk=1761367584&idt=128&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20f3156123e8c6d51bd8b524f23ba9a7e0245b188dc7d87b1ba272be3d886e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19928
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame 082E 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 29 Dec 2023 01:46:41 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5655 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 15:59:50 GMT
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vvxG,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vvxH,pingTime:-6,time:41,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&tpiLookup=ao:owo.vn*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vvxX,pingTime:-2,time:57,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:597,beZ:598,mfA:600,cmA:600,inA:600,inZ:603,prA:603,prZ:609,si:613,poA:614,poZ:627,cmZ:627,mfZ:627,loA:638,loZ:639,ltA:654,ltZ:654%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:16,sinceFw:39,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
laptop1_400.png
s0.2mdn.net/sadbundle/17710475751055165328/ Frame 4534 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17710475751055165328/laptop1_400.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958c5810faeec852821ed63b98dd4b101f2220ca6d839e94a32fcd26571ff10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17710475751055165328/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 13:05:23 GMT
date
Tue, 26 Dec 2023 13:05:23 GMT
x-content-type-options
nosniff
age
191137
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108303
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:28:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame C55C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssr-jEMVwSMTpADR34NSaPVYv0h7QZshKsv-Nah5DHgoEN-BXcJnPMfYcWMvUi4NGAErszLi2Hnxacvp-DDcuP3soUHjJ3mEcyWG9GFnEeu8C4_LihvqumKe-gXZ4HYejUBfHeUqBQcfuYzvGk4LOZNNpuEurnJPkgdjQP3JlqTcw1XMUgav415o8TrTNColp1Utzy1Tp3-DE1zo-y-Vl2xsjH4zg-0AZqE8Ei1jZaYd8fuqeX46CI21NbJoXt1oK1RVphztek6t2NNjCAynv0E06kwlIMwjoyHcsKq-XAI0TddXCAfYY0fXFJimKgKakX4rG3WBiCXEdv8ZurtGLf5TaO-25CTKQ4-BHCPPt0KxVbmBeLdLeKmpC0FAMLDIlkmJSRRh1SzbdHEyj1PILiwkTHCSWOJ1zN5VJ2BA9ZJw0I7eYFEMxjWbvGoWA5muMeARgnv4jdv8HxsLW7g1I-GIx3K2rxz_3J9tYYnaOmx7nkjYtkZEMu0DAIV7u1FN8CWegOZqcv-5duKt2-oltUimoQExclxV371JF04J15ILZLRsGHzqSM_1eyvceWe3-eawzAmGKxB22mJJ7by3CgwkOYACcNRoQMX_oEEqhmSo4jmQNxKrtwChqQkeaLGAMzLCPI44RFwDvTVgic4fckXLGKzEzpGIzckQvknEpyjVRQ5c7IhT_rOXHxbmBiBlv-tUu7SGD1rXMj7HzPXgj4WjPRqxJuFJGGe-fSvLd0GfFyIn-XO8f_KDEN8VGkzd6HMbAI_oGWC28_TnCrd4czd4SAhLRB05_HsDYWh4gEeEuZbPArHEu3YUjQqOF5xwoQEZ471owxneDqRME8jAvfkqUyEo7pmz8j66URo1aJMDAeKzWNpVwuKonOKp9a97-2_ymvOY3Sj6ovps3WgSKTre03zFhsz3ZWCvWOs7bkERD0fGguOza_Y_Y8VBR2SmqngnNbc72uIXWp6DTmcdiCmuw95C1ewUOhV2xsDhu8-e9JGLg1JkknMKEhbWKGjQhoR8mh8sgZiXDE9InzfMxxkATDfO8DYQIkoPyrfo1Xsb2KkMm7hUXcIXJZk2LAKf_bmoFLPhb_ow41lzE5M-MBf7X8GL7X8oqXsz1dpsofd5ByvIr9ZzWjMmyrk-rjvbIh7hJJ2a9RrviZtjPPJgakpTrDaLJl1cR9NF4d5vALwdCdDtJvCu2xzNlrCW86Mo2I8OLSDYaF4ErjOi6ewLLhfmS568WIt_47HE_Lo27rNrlJ9kb6H6GTJiDICkI5w-gaw77KP48Ofrr3krKupG3KwB04hfOD-i5smiLU9jvVxlKUi1VpLoVfPlsRmDTiwHmiXyFhHfR8IBYoNrqL9yILa7je937eskubmZpF9jhvM--KH53EmzSzLEpKUG_EBJ6x_ZD37EVA&sai=AMfl-YTJ0aO4m3DHn9vtGY_E8Vrnhl71FXqq8lHXTbFks2ZU_NDmw8fWumlSAghQZ1M4wwcMCoewcmua5rGIwq_sdb8mi3HtD5lkJ4zEnfB9P_r0PzeaL-xaCX3HowOWxF6RwlHRTsp1oXlFMM-nuXMMA4Ybi3VACWDF0soywkgOhe8Tw34ZdfRfdzX3S7PBgexX2SEBZyDSyMm-DJE2z3A_0VVKTtvDEWJMUhblbB7xadMwdzaZxMe8S7ijOCp_jMGSCzzvRuJ5dLRoi2nODLm2PYk0ftvEeKbq4Dr21ZMtrQ&sig=Cg0ArKJSzABJkdsxXmBtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=378&vt=11&dtpt=224&dett=3&cstd=153&cisv=r20231207.26753&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5655 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaQaFM7qNZbuEJ96RjuwPvpai2AMAAAAAOAHgBAI&bg=!oaKlou3NAAY3kmNgF5I7ADQBe5WfOGhtiSgzvUovlNjvCjfRH4ZHOCHa8ADR0rSmHkUXwn5JN2N58QJA5d3PzZl3RpM1AgAAAD1SAAAAAmgBBwoALwY3rvaGi9cSlHSF6AMyJEJyvSTbDaT3HrcGA1EV1aTcplTZ74QHa7sRGqo9cPZ6mQMBGJzt_P9YzmAU8fjbmsXZ55LYNgSIGvte9YUVNXjmcEtgxbMbd_whhA4pHjvjsdJ9mWT0ywsikNgRRFDiQRPi2b6vKGgEZSfVsHMLYi7Vk5pYHDrsfKP6bZwpkoqbGYwg-9KkvoGRrRwuDC0j5ztlqzAmlHUPIz2NyaCCIHMipKZNQEHrTmOPPjSknfEFx-C2Mr_JJN-IWgjv3aUiI5ux4yaFAhY3Koo6Q2xtgeQ6Q4BXTV57o_hQ3xsC9WaB0cAGsaPunYKQ4a2btcN2oDuRQXM1cTsZvbSS-rSloZTXSN2trAOCnybRcguAqbV0Ym0XO2f2-_BOLV38cnCH2ZV1ZgIGL95pXYa_mJBm-vNoLuZZBpZFBtCMyTqNp_J8bemmzpws_TNv7wfFTBVznQ3neqvx-BIigZXDgzw9z3ajLnz5k3873GfVvs9afxm4pXsTmrJ6k78GABSCi0DUY6zezMjn4WagWMmaB10vDV3f7a0qERpZ70y__BUEo51MMjyFArBDdLy_Zj9vmSCTCYL1iMidrYQ6DmK8u4_BmbI7elxy5L8o4L5ORjekZl2ZnB03oBhCffKT3rs2a6eD5i8VaWA6L6KI59QhjOhef4r6S37NeprFaFjpA8_0xr0PJ5Ex3NtdeneHJgmyJPii5umTOh8L6QExahCbjXhhlJoOiDivbRn9EUrEauxE1tCU6WD7V4Oe4kHgwtm-5b422zH-TUdjXIR_CdV2t5DSUCK6HHLqO8M3AHZ7QXwfanbD-J0mZ0eWjQGa0TAZbXKg5xtWGNoBJlCq0j1BajgEECK3WiqCMoptDlPIfYZhuVToOj21ODHhbgKjnRPA_r--Frh56ROi_nx4z22FIfhrYiVOajQp4TV5U52Iu2IkxmDHi_t2yykN08MltXgTLk-svc_w2lyYY6iAfsFPti4O-0mojPRYYaf5WFUjh5IRcvisxaG4T-qm_eKIzSxsPGePI5Zjb-cZZNESkVKAvBgJS9SaxbmJW7uOT-UDT-bqT6cAd_wY_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2076560842998984&bg=!lJell9jNAAY3kmNgF5I7ADQBe5WfOA-QqcT1o6tsMbAylWev0Jcmk_4JKQMqQdZXvLYOqJxv_oGMlDv7_45mrhwOs5X2AgAAANNSAAAAAmgBBwoABOKzpvKZAqcATsm-IceG7jH5C2qT3QXIrdKwXBhRXS390x6LoQUxlndNmo7SuOy0jgV4v74VQhCUbLHCDVMabsXpeveu4-bb78lWVmqVmfnNOSCfICNjXLIAUDZiu-L80WmQox4pdFqYYwj5zpiEI2-feJ2zOyIwRU_OpZV0KW37-WqBYD9NyJlKnV2RhuVhdUfHbTEPZw1E4_hPVI1PrfK3rinXih-ZOhF3UPW_G4AhvpSdgnS1DdKuHF5ieIrE2JY7JgKffhN8vNr2XQJ0Ia0fdnd-NdPaXuWzpFxU9mB3Xktz_CRXfWadGhnGPS80Wo1kGUcveiKHIKE5ZF942u8JpCzJgbV4he1Xg1c2PbsYjzQzfKXcsyMV8u27jbKJi3fgzvwQHxbxjfTDek55m4K8PtslNePeUR9W5Pg2Pbq5eytRy9vW5Q065wuFXducMEy5CWaBZqv9juoKxMpDM87OJsI_YW0O8Z_Nddvgd_e5h_g0lq2X-ikQYdHsQlWxCBuKTL9x-AL8tJfg_uSXHJnv19QdiFaq6L53PoMYNo8a8yTVPzknR-bWp7Bkl8jIxJT3WGJFvE4Ed-QPaNz_s1OJrPnwZpwwhAkbVGM7YSmhAE7UUjy8Bnzdk_EvZad3NTXKVNzqGMeUwAw7xgBh78CY_Hc96J2hnLzcET4MFxvIT3pTUQtpFf_vPyA-rMLjmJNkU0_jllQbvsAAv2CG0sZY99ffE-L0FY8fF7ygZpORBd6jz9k5H8U2Vn_Dg6mYVAu3ucRHy-K6MhQIATDNXCt7h4iqYnPlUShTAq1oiDcbb7oxMJc46GQDf5O-tpiRqBuhoDVL14TIBsrzMNnDG2vqWLpvA0OAq1ulONZIkCu_TPIC6iZsWDXMy2UAK75plj636eVibTMZrCywvmGL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://owo.vn/neu-ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E2FF 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGGkY0oxV9dCqA8Ntdhuf7t-yQ4SDO4i8gUi4q-0JvWDbHMWIYeUfdgd43ct2gSCVNA3xbOX-ZXVMVlptzk2TT0IPFmGFGOqgs7YqgM88t9y7RgL9zrqksS0HiEWkHJfXgCBM44kGnAR_vrmeE-AYGS_xQyvmucYvTX9pOyFFZT2RWVI&cry=1&dbm_d=AKAmf-AOC_94CK4TM3K0p30F3Net31grBaYzJyE81IhdYpCUuotAuFRqETBcpyBQWWWvO1UtrMDWhO3wK70SPpgEH4-tW1yLRCW32uENTES9R8_k7NOC-KSlgEHp7NAwgmu3aZ2bqsKslEDD8Sx9k559ic5hOPQd8pBWE_gox7BmvhWciFO6AVtPrhIBUiOMs4TtqeR5rNGUOntPjxq1QYtRx9dda_g80ZdsMIEHyI_aVrRRD67OeI542Nk-HHvqYozcP7SPdXkkNbIebA1zocNG6_9QyshPEU3JXNNjmdSdLwk7Ko2anN4o4DmdlJ4ukxNJL8BWWq4N9RnQWhA_qRll70AdFjhwar1NEOvlRwVnYMubR0lPt1_WJkYwCZTbSegD887DqK7bklPqHtaVFEoXPydXwl9tGBtzgjti-B1E67Df7yz5cdtyA-TnLqe9aIg0eQKUXklkksrs8qSGQyNvVH2uRt8TJl3SvAFvJrRs_Bp8eoC4aYkleVF0NW4ofisyhno1ASyhfaiXmF-vtf7U-ZsgrwqVgfudkUg-YFBbFy5mwI8nyrNfNcdhSFLrFDGL1xKY703cxa8eUB0CsjtZGyJINms59q6MKsPZ-l-yykfIE67wa1AmlLhRpFqHin2R8H8QQPs30Bysr1TkUumpw3N-msqmMcNR39Vbb_Qr7HSXpeXb79EEy2fowjspNFjC9XLKIKlFiYqN5NR3PxwiitVNcha1OxH6W4C9kAiFuqKdLPI6hxWFBTEJCc2GY3xOMLKJz5MjblVSu-wVatcTRHBODMYPD-BwVfnlAMgQmU43fNZd8xGWVk9EGOAhUsw-2hJRyo3qpkjhUiucux5zZZ7RuTTMaXP504iVpViRrk7ISTVdTwhCuEgTSAE8Q9lqmKeBw_HZcFvrDrk0Q5eg9OlnWzvjWC4VoA5nInDNhK7QcN7dN3YPfnaLcC1zNSlO7HB6BwG_zUfdou9QXT0hcrTZFdxJEwCPwJU3agOmjbdfHJAuamFH_soUkG7X73HP4eIh1wTTbDuS5gcacR-8jzYx4jKoQzTVAS68W5t9PLkmaYPLSTrIaBI0TAfCG-64ufLARy5pQeIGau5Z0d93g7cVlJZ_yF1bCsuQDej9HWozoLHmSzR6kBnQ3nMQvC3IYwXp8s-5TUxKsY3SS2ZcaJmOFciLTzxscYaV7nfnWTgPQq7MpVwTvkDpNgPF2BxqpEcwHcLevioY_IPtNyMtkWu2EDtwSu5PKVlwQRt-kta_1cjF0y01OzpTWrVBdLFqOaNmGJPxu7pKdQBai5cFRhap8Y7rEXXJDa4kWfgy-oHOA99GgJSB2N1t4PSHTH7l7B85RUlIE6hGsmViMBo6TEMpqw68C_lZp1UekXNQ72nL7oqxwxV2S7W3db8gjjj41X6SnXbhBkoNJXVwGNz8BcX5ZHNdZr8Cup23r-xKwZL1pwHMIQzGNL7HOXod4cIx1cwtXFDMf2X7ghdjitVCVuBFhPbhTUCjWzJONeagH6Nat_Gr8QVpQvE93CVvUG6gqXmmSCb7FtLrQbMwZGHCWjlomHNClwlyufO7B10HEvSnRAHLqmow_EPQ7elfRWj2uzr_z2M3o_2nuRcfAZ7u671IMKe7S889y6SgJIM4d6zeM017UFi2XlR35bNpll41B7fzZV9YNqHe1RXvFQkTXZ5doOPwwzbnRj4bq7rDXfs2qmhKdpd1RxfMXq1IRucIaGmkXRG4ajopBjQ21nhdVpjX9EMNUjJAU45Bj4QRPP8RFRO7IRa4Vg1ngxopqAwnRokxP2mgMJ72MwE_gedEtHGqsMwD-jZDvBHLg4uM7OLSNx0jwRauhcDnUy9gqwrtAvTLRkCtunAGoJc4JmpbCllRrA1Nl0PzxUmNAlNWZuYg0WzJYAlxp_vttQKhCEeNxLkGirs7OzqCL5PwukpX-xMCRFEUugz-EPxqAyNXvf8xAbciCgn6x-QQJfzbgMm8rBKGWX8XVe-qSg3wzvUiYrvfS4IauTgwdV0LRMmllzP43YOphwtifvQ-vETMJIwoAu_T7LBBvdUwYOx6FLkfweebPqfDVllCWzPll0bd-1wIv_AO05LFyTb3rS98k9RROI2L-VrGviFDPGWjhAF7aGT4n_31nyc7p3ys-H3e97Z5PK9w9IAWD6zAfSuLC4KlPDwtprpswUrtHjsWFUaHRIKoQVfB86vKYaFd1cA8T_e62P2SJJ1dSISpl7lyBN6-L9C7zb2GZEf74x7lRdU8KGTXHt7oqmbnOOopgbxCDRmxBbq4mTc8a3jP9Xe_slWPFKKeoehUN_CjzVDDNze51CyW4XfbEZdBlL2iKxxStm52I9Te-OQQn844BuWvsy6RBjFNUHBVfaFCeGXaFT9qN7JpImRIvNeXAEsWC-F5Cc8rkbyr_5DVz2Ph-aOeKLltVS502lYjYUH8EY1lsMw7_2Kv6yVXjNGRxKYbKqAnpW-bV2q_HTcBRAlp4QukfA9sZIO1aXriZkGpAbNhQft7RJGUpM-W82jFkMldVtAm_hlQeW1JwsVwzW1QgiU18tgAoWmhpXZPqSnlo7IovJ6uEoa2IT3ztF5JKJH4zFMOxaFXggSx-omODd-ju4p62sSJ55SUczKx4gBor-Qie5NcBT37jYWxYTbOV_2HlVaqd0-KaKnQ_qnE45jnAT75PD2DocrMe-ZJhB-_eOTgSLoMV494-gLHzS1ukwzV-79GHcPc0dnzdewF-GPvIkbAoCjm1XsJ2y8NU-iXEIMHnflGx3YdkdK8tCnXxPYgp5nbMipJQp-Cgi2AyflJTYVVrO3MqjbCkk0aF-x9oTajszvf-9rFnbZflzRRqkiUNOWz8kZGmi4p58roYQxGKOVhz9ItwUSQWiwT2qqozJ854dBEEzLaOv-fsjexNinIMFelje01pnxZw1--1YVwYF-we0PV0ZsPC1s95UmgbWffMNgwXalysqChf7h95dfQxNVh-6PKX25L4OOkDGDgQRg5BRblyR3s0sxSSP9gPgboh0BP6R6ADxe67dHvCkMiN6N0rPLGxIhmexcAbrivO2M-IyrYnH57OOtcV9LbqsZL1lNVnisrkvMibXPe00dwBKpjn_CTBXVaXKfP3WEmJ0xrR_Jca4t6bFiYCEiIBZ18XsYl7fcVMMB1Zfy16nAjIJJGoIxTuyaHUrFTcWEwhCUKMY3t23OGetx9l_1U91L4NBVZp8fTuNUteM8IUmjZelfRh3eK3rOtTpF8FGU8gYOhjIKmQBeTctCrZCf7J16fc3_v7qxucra-k-vmHLDkex2-BrX9dROcHD9Ugj5h66x-a_v9CmNu7H515l02Zf5mr92oPg9xa1IVUHKIzcdthRwIVl9DcTH6AzxFg-uMJVM9E1S1wLXYytb3CaFuuReXfd-nw8xvBCgwHbkk-CjQn9VfeqnhkfOw-QWK1ffs57D-jvDuQNPyEV1jrefyYTYCtc01-_fcHtfaJZaplDyjVNVO4MoZ5S566FQEDWJ96_vsa59536bwwVcVF3oQhnV5rCpIRcfJ4EtukmupNO410AlugFDXyc54CEPbLheHavUtvZrBpO3CzXNw3Tvo1sz0eJ0X41DE8Kg3NIHC3c3rResK7l81FucId6T_CsSm905xhPSGkBldrS1jN9h2-XDn7UR_Y4EiNLQ6fe_Bzo50qz8Pop1VDRJGL9nofbfgZU1sQBt1TyI5sJ2nIMavNedMU9bL4eZrfeGXOUTPT3yavSWmM-Vqcie1P_d8OkW-XC_hRI5YEFnXboGBQtanWtIwTmoyfeyG5wPrrld0y3LDryuD7gq-_m3KN9JebEXFnh5pPhXffM4mqAgcq2DPFMuDc_DOiTZXvemE8pvpPMHNR8AgctaA8oasi3tghkIBo_gkKBg_raoRoZjo&cid=CAQSPAAvHhf_xgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17726378969594253000&adk=1761367584&idt=128&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
59230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 01:43:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E2FF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGGkY0oxV9dCqA8Ntdhuf7t-yQ4SDO4i8gUi4q-0JvWDbHMWIYeUfdgd43ct2gSCVNA3xbOX-ZXVMVlptzk2TT0IPFmGFGOqgs7YqgM88t9y7RgL9zrqksS0HiEWkHJfXgCBM44kGnAR_vrmeE-AYGS_xQyvmucYvTX9pOyFFZT2RWVI&cry=1&dbm_d=AKAmf-AOC_94CK4TM3K0p30F3Net31grBaYzJyE81IhdYpCUuotAuFRqETBcpyBQWWWvO1UtrMDWhO3wK70SPpgEH4-tW1yLRCW32uENTES9R8_k7NOC-KSlgEHp7NAwgmu3aZ2bqsKslEDD8Sx9k559ic5hOPQd8pBWE_gox7BmvhWciFO6AVtPrhIBUiOMs4TtqeR5rNGUOntPjxq1QYtRx9dda_g80ZdsMIEHyI_aVrRRD67OeI542Nk-HHvqYozcP7SPdXkkNbIebA1zocNG6_9QyshPEU3JXNNjmdSdLwk7Ko2anN4o4DmdlJ4ukxNJL8BWWq4N9RnQWhA_qRll70AdFjhwar1NEOvlRwVnYMubR0lPt1_WJkYwCZTbSegD887DqK7bklPqHtaVFEoXPydXwl9tGBtzgjti-B1E67Df7yz5cdtyA-TnLqe9aIg0eQKUXklkksrs8qSGQyNvVH2uRt8TJl3SvAFvJrRs_Bp8eoC4aYkleVF0NW4ofisyhno1ASyhfaiXmF-vtf7U-ZsgrwqVgfudkUg-YFBbFy5mwI8nyrNfNcdhSFLrFDGL1xKY703cxa8eUB0CsjtZGyJINms59q6MKsPZ-l-yykfIE67wa1AmlLhRpFqHin2R8H8QQPs30Bysr1TkUumpw3N-msqmMcNR39Vbb_Qr7HSXpeXb79EEy2fowjspNFjC9XLKIKlFiYqN5NR3PxwiitVNcha1OxH6W4C9kAiFuqKdLPI6hxWFBTEJCc2GY3xOMLKJz5MjblVSu-wVatcTRHBODMYPD-BwVfnlAMgQmU43fNZd8xGWVk9EGOAhUsw-2hJRyo3qpkjhUiucux5zZZ7RuTTMaXP504iVpViRrk7ISTVdTwhCuEgTSAE8Q9lqmKeBw_HZcFvrDrk0Q5eg9OlnWzvjWC4VoA5nInDNhK7QcN7dN3YPfnaLcC1zNSlO7HB6BwG_zUfdou9QXT0hcrTZFdxJEwCPwJU3agOmjbdfHJAuamFH_soUkG7X73HP4eIh1wTTbDuS5gcacR-8jzYx4jKoQzTVAS68W5t9PLkmaYPLSTrIaBI0TAfCG-64ufLARy5pQeIGau5Z0d93g7cVlJZ_yF1bCsuQDej9HWozoLHmSzR6kBnQ3nMQvC3IYwXp8s-5TUxKsY3SS2ZcaJmOFciLTzxscYaV7nfnWTgPQq7MpVwTvkDpNgPF2BxqpEcwHcLevioY_IPtNyMtkWu2EDtwSu5PKVlwQRt-kta_1cjF0y01OzpTWrVBdLFqOaNmGJPxu7pKdQBai5cFRhap8Y7rEXXJDa4kWfgy-oHOA99GgJSB2N1t4PSHTH7l7B85RUlIE6hGsmViMBo6TEMpqw68C_lZp1UekXNQ72nL7oqxwxV2S7W3db8gjjj41X6SnXbhBkoNJXVwGNz8BcX5ZHNdZr8Cup23r-xKwZL1pwHMIQzGNL7HOXod4cIx1cwtXFDMf2X7ghdjitVCVuBFhPbhTUCjWzJONeagH6Nat_Gr8QVpQvE93CVvUG6gqXmmSCb7FtLrQbMwZGHCWjlomHNClwlyufO7B10HEvSnRAHLqmow_EPQ7elfRWj2uzr_z2M3o_2nuRcfAZ7u671IMKe7S889y6SgJIM4d6zeM017UFi2XlR35bNpll41B7fzZV9YNqHe1RXvFQkTXZ5doOPwwzbnRj4bq7rDXfs2qmhKdpd1RxfMXq1IRucIaGmkXRG4ajopBjQ21nhdVpjX9EMNUjJAU45Bj4QRPP8RFRO7IRa4Vg1ngxopqAwnRokxP2mgMJ72MwE_gedEtHGqsMwD-jZDvBHLg4uM7OLSNx0jwRauhcDnUy9gqwrtAvTLRkCtunAGoJc4JmpbCllRrA1Nl0PzxUmNAlNWZuYg0WzJYAlxp_vttQKhCEeNxLkGirs7OzqCL5PwukpX-xMCRFEUugz-EPxqAyNXvf8xAbciCgn6x-QQJfzbgMm8rBKGWX8XVe-qSg3wzvUiYrvfS4IauTgwdV0LRMmllzP43YOphwtifvQ-vETMJIwoAu_T7LBBvdUwYOx6FLkfweebPqfDVllCWzPll0bd-1wIv_AO05LFyTb3rS98k9RROI2L-VrGviFDPGWjhAF7aGT4n_31nyc7p3ys-H3e97Z5PK9w9IAWD6zAfSuLC4KlPDwtprpswUrtHjsWFUaHRIKoQVfB86vKYaFd1cA8T_e62P2SJJ1dSISpl7lyBN6-L9C7zb2GZEf74x7lRdU8KGTXHt7oqmbnOOopgbxCDRmxBbq4mTc8a3jP9Xe_slWPFKKeoehUN_CjzVDDNze51CyW4XfbEZdBlL2iKxxStm52I9Te-OQQn844BuWvsy6RBjFNUHBVfaFCeGXaFT9qN7JpImRIvNeXAEsWC-F5Cc8rkbyr_5DVz2Ph-aOeKLltVS502lYjYUH8EY1lsMw7_2Kv6yVXjNGRxKYbKqAnpW-bV2q_HTcBRAlp4QukfA9sZIO1aXriZkGpAbNhQft7RJGUpM-W82jFkMldVtAm_hlQeW1JwsVwzW1QgiU18tgAoWmhpXZPqSnlo7IovJ6uEoa2IT3ztF5JKJH4zFMOxaFXggSx-omODd-ju4p62sSJ55SUczKx4gBor-Qie5NcBT37jYWxYTbOV_2HlVaqd0-KaKnQ_qnE45jnAT75PD2DocrMe-ZJhB-_eOTgSLoMV494-gLHzS1ukwzV-79GHcPc0dnzdewF-GPvIkbAoCjm1XsJ2y8NU-iXEIMHnflGx3YdkdK8tCnXxPYgp5nbMipJQp-Cgi2AyflJTYVVrO3MqjbCkk0aF-x9oTajszvf-9rFnbZflzRRqkiUNOWz8kZGmi4p58roYQxGKOVhz9ItwUSQWiwT2qqozJ854dBEEzLaOv-fsjexNinIMFelje01pnxZw1--1YVwYF-we0PV0ZsPC1s95UmgbWffMNgwXalysqChf7h95dfQxNVh-6PKX25L4OOkDGDgQRg5BRblyR3s0sxSSP9gPgboh0BP6R6ADxe67dHvCkMiN6N0rPLGxIhmexcAbrivO2M-IyrYnH57OOtcV9LbqsZL1lNVnisrkvMibXPe00dwBKpjn_CTBXVaXKfP3WEmJ0xrR_Jca4t6bFiYCEiIBZ18XsYl7fcVMMB1Zfy16nAjIJJGoIxTuyaHUrFTcWEwhCUKMY3t23OGetx9l_1U91L4NBVZp8fTuNUteM8IUmjZelfRh3eK3rOtTpF8FGU8gYOhjIKmQBeTctCrZCf7J16fc3_v7qxucra-k-vmHLDkex2-BrX9dROcHD9Ugj5h66x-a_v9CmNu7H515l02Zf5mr92oPg9xa1IVUHKIzcdthRwIVl9DcTH6AzxFg-uMJVM9E1S1wLXYytb3CaFuuReXfd-nw8xvBCgwHbkk-CjQn9VfeqnhkfOw-QWK1ffs57D-jvDuQNPyEV1jrefyYTYCtc01-_fcHtfaJZaplDyjVNVO4MoZ5S566FQEDWJ96_vsa59536bwwVcVF3oQhnV5rCpIRcfJ4EtukmupNO410AlugFDXyc54CEPbLheHavUtvZrBpO3CzXNw3Tvo1sz0eJ0X41DE8Kg3NIHC3c3rResK7l81FucId6T_CsSm905xhPSGkBldrS1jN9h2-XDn7UR_Y4EiNLQ6fe_Bzo50qz8Pop1VDRJGL9nofbfgZU1sQBt1TyI5sJ2nIMavNedMU9bL4eZrfeGXOUTPT3yavSWmM-Vqcie1P_d8OkW-XC_hRI5YEFnXboGBQtanWtIwTmoyfeyG5wPrrld0y3LDryuD7gq-_m3KN9JebEXFnh5pPhXffM4mqAgcq2DPFMuDc_DOiTZXvemE8pvpPMHNR8AgctaA8oasi3tghkIBo_gkKBg_raoRoZjo&cid=CAQSPAAvHhf_xgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ds=l&xdt=1&iif=1&cor=17726378969594253000&adk=1761367584&idt=128&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
188504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:49:16 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzc4NzA2MDA4MDgwNAogIHNlcnZlcl9pcDogMTM0MDU4MDExCiAgcHJvY2Vzc19pZDogMTUxMDUwMDYxMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5OTE5NjYy...
ad.doubleclick.net/ddm/activity/ Frame E2FF 		0
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzc4NzA2MDA4MDgwNAogIHNlcnZlcl9pcDogMTM0MDU4MDExCiAgcHJvY2Vzc19pZDogMTUxMDUwMDYxMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5OTE5NjYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9tdWVsbGVyLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEwOTAwMzUzODgwNTgwMTIzMTc2CmRlYnVnX2tleTogNDg3MDg5NTU0Mjc0OTU0MjY5MwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMjgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5OTE5NjYyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU1MTk4NjQ2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1OTgyNTM0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNjcyNTU5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDYyOTk5NDUwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL211ZWxsZXIuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9tdWVsbGVyLmF0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vbXVlbGxlci5jaCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xb58c769eba2a641b0000000000000000","13":"0xc9aac1494b47a29d0000000000000000","14":"0x7348659fecfe0a950000000000000000","15":"0xc556a7b5b73fa7fc0000000000000000"},"debug_key":"4870895542749542693","debug_reporting":true,"destination":"https://mueller.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9919662"]},"priority":"0","source_event_id":"10900353880580123176"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame E2FF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=144136350&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2_vIdPH1l-nVEdq24u-aOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU_QeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h-c_t1kMnQ2M3Dvjz3c4hcWhOcD_u0KLbwO2Kml0KsK5J9eXMnhLWRILI-FyCUp_IOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY-jpq9msRH-8-aEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF_PS4gU2QBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE-3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPAAvHhf_xgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB&sig=AOD64_0gzcqfdSyluObp4JZb0s3jC1j1uw&client=ca-pub-9927393713550282&dbm_c=AKAmf-A_8xfA9BGAgyhf1VqcgWnAB-wN5HiXXxpgbavMNm-gvrOp_GjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S-urdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa-eMlgLfhF45zwvI&cry=1&dbm_d=AKAmf-DyFVnZHp3XtMLgtVbEch2m-zKzlM8vWH_5rza0ghrL3NXO6z-GoVGYvH_Bq0_CvWuwSS4RX4la99I9-DdV4ENCrPLaAEMxqk34hdmoSioB_BmWxHVyUYPJc9yewcucGdPHQMsmMEOPng_lvPmE37hZ-Zoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH-GEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99-uY3yj90vVcWG_pEdnzBi01e_c6r2E9tMUyOnAhiorbDfrexE2BODV56_FieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm-pVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH_J6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo-yR6bM4tTNgLWbrWBb8vAWu1duTc&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4fa0fa22c8b16c30840d143d038022221877cf00beb6cd9ca402a1aaf6212e28

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 19:11:00 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 41A3 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
186621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 14:20:39 GMT
expires
Wed, 25 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
ad2.adfarm1.adition.com/ Frame E2FF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7317709702059655527&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=144136350&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
64ecb32988464ab201da71e9a2f55c11ad53a8d668a88da0b046b25319f9a432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Thu, 28 Dec 2023 19:11:00 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vvDL,pingTime:-10,time:417,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703787060437%7C%7Cd2aec48b6f36052c4c52cbf180739277%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cddbf575f1c6330ba8a5ee32b0fef2927%7C%7C0465a9627cb70aca34dd26c8d8666c75%7C%7Ce8c40f183ffaa95f8d747c404454f6fd%7C%7C44560ea5d9617ef2642e9e3c14fab22e%7C%7C636dbcf356c90edd181f691acb55862b%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 41A3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 15:59:50 GMT
banner
ad2.adfarm1.adition.com/ Frame E2FF 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9927393713550282%26output%3Dhtml%26h%3D280%26adk%3D377845342%26adf%3D2791373073%26pi%3Dt.aa%7Ea.3404089767%7Erp.4%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703787059%26rafmt%3D1%26to%3Dqs%26pwprc%3D6711635098%26format%3D360x280%26url%3Dhttps%253A%252F%252Fowo.vn%252Fneu-ma%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703787059260%26bpp%3D1%26bdt%3D2355%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D2939274579570%26frm%3D20%26pv%3D1%26ga_vid%3D246232683.1703787058%26ga_sid%3D1703787058%26ga_hid%3D470107238%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2076560842998984%26tmod%3D1913879467%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da%212%26btvi%3D1%26fsb%3D1%26dtd%3D11&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7317709697785332071&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7317709702059655527&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
10401ac06ae4223f73fa2a344d85263b8f01dbac3b8e29aa5f1b259ff38c6b10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 19:11:00 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html
imagesrv.adition.com/banners/268/01/0f/33/12/ Frame 8F11 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: owo.vn
URL: https://owo.vn/neu-ma/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
203881ea967d9b49467424b4425e2108d2946f70f5713bde4b86c53dcbd0e6ee

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1078
content-type
text/html
date
Thu, 28 Dec 2023 18:11:00 GMT
etag
"320707725-br"
last-modified
Thu, 01 Jun 2023 08:54:41 GMT
vary
Accept-Encoding
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame E2FF 		2 KB
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7317709702059655527&btr=true&pos=top-right&cid=558342&aid=558342
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
be83b5c6db77cc48ecd6c61440e62f3d3f43f62681f2a48dd805443f9ac54a57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
content-length
612
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7A6E 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
32250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 09:13:30 GMT
etag
48472445140208031
expires
Fri, 29 Dec 2023 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E2FF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a47434673417d094780b85a52831ee73f266a66c3796f9675793511fcc4cd575

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bu8zONLqNZaT3BJug9u8PgtKh0AUAAAAAOAHgBAI&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfODfQAJDkkzWMq4FHCTEt55DVeNyL9HAxUtEepV_hw6oXp8JMdF-veR28vhHe-im-AgAAADpSAAAAAmgBB5kDBO4Li5tYoLzihWZWFevVoWaEBWb7qcoIeseQvn3zlvBok3HzJQ0fJMoO7LfZ-l2xgq1p2j8Bw5C2ia8rIOrk8sGfpDmCpJhbV1sMY60QHkXBMjU3K0stSGDokGTUFkOYWHo4ehZzxjupK9dKvFkhcN6bNbMPiYTrA5lQNOaGQ3qVzET7uqSrQSJEZKRrXweo2Poc1aOXoSEc-mlIhJzD3PssMd7T5TClDLvtiiaiXb8Cbu0DlaAL5LqrCbiMReQ8QP2VRSDg-gs8lEgJROxzi7LQ8M97gP-YDBOFSL_ljHnLgVvPWKKyMLLblS4hZ6iz1We6pByJLZI5_rSN8Him8g3rbvApKU2GdgMbMVHzZRBzraOzJcmb4iZYLRWIucQo-eyc94Zv52_DhKMK1DC6BvSSWWZzzuROi8zvuCHWiMA9vl9Kas0T13DT6IaJ1QkxIGGtm0jhoO5qMA4d_dw5VfIG1rbROX2bxpPuDp4SLOgKaBmIdNgat8JcEyVuvSYwQqPZXS8bwu630hHgvU1fA6Ars2wWs-rdnKZI46aQOPd2frDSKK-XrLli-I11ZXQD3P6gxdXMUzoUS_6DcYfD7bkknsEVUhDX7sOzoRaY9t7dEKt9qQ240z4Af9Z9S4x-L4TJsfBGgf-yk4fOUzdg79mGfvG_5iQHnYTV3XBYpbt_XRn1pBPN8FFktgKBGHf80puUcuPGGWT7rQ05PhgsS7ez9_rRxHaNbYlV21dWdOLE7X_hXtRGqrGlXeAxn5wXTeuP5c8Q7f9rgeHsYWDlAyTM9QoD5MKfZalVQlCQGAqrwXgUSGUR_FkRpm449yaeooyn84pj01BLhyTyXCkjHMoyI_W0ocgvHpO7MDr6QDn0W96CPE8q8x6Ddx_YLIa78c2eG0UNg2Bap04nrAWaJy0PLQ8UooUthkFY5etHU2yGE4DUCukeGThdIlX-E2NXC5_3T8QrY2N-_Xt46NM5g90uPv7XfqUCOTumnC7-e8PmjO5dIu1vMyG10jc8HvrFw5gyhiM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 8F11 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:01:14 GMT
etag
"597418985-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame 8F11 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Thu, 28 Dec 2023 18:26:00 GMT
Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.js
imagesrv.adition.com/banners/268/01/0f/33/12/ Frame 8F11 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.js?1680188594589
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
d9a0ea3ed0a532235f43687379683fbdb984083bbdc311bd91a23c6d21f3cc72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
etag
"763767337-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
9534
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7A6E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1&google_push=AXcoOmTH_9SjyE6izM7Xd64vVTSYWNmOETmGce7plNnfg32estumRb-SNVHqlDMuuAqZBT53SEC8WyP405BNwHfLZTA-g3il6UfocZc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI2Njc1NTIzODg2OTUyMjQzMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGkYWZIqScbpPbKMWdvTUI8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 7A6E 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHsJopgh5PHc4FfEWSW7nXo&google_cver=1&google_push=AXcoOmQCyJuzAdyFbCpdqJoYqFG7sGlIchMhS1sXH_3EoPA_KiPq_mDAryGBSv5S85evXw4F5IZXZpg-3fH7GlTScJLaLZ6tGA2AIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A6E
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEHCnfeuNEjpz44-cYf7e0T4&google_cver=1&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeolHGPoelS0id4yvpAA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QjNya2NvZjhEUk90NEROQk5icU5aUQ%3D%3D&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QjNya2NvZjhEUk90NEROQk5icU5aUQ%3D%3D&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeolHGPoelS0id4yvpAA
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 28 Dec 2023 18:11:01 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QjNya2NvZjhEUk90NEROQk5icU5aUQ%3D%3D&google_push=AXcoOmRTaF3ljB9g_qVzeF2QQQCYa94SFw2Qkrd_nmPfha2pntrtxSNC6rcdstQbqk5mcnzPsk0xwXLz63zeolHGPoelS0id4yvpAA
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 7A6E
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJS1CPgARKWKmBkNNqLJxeU&google_cver=1&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA&google_hm=NTgzSUIxMDBrQkRFODAw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA&google_hm=NTgzSUIxMDBrQkRFODAwNlYzZlQ
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 28 Dec 2023 18:11:01 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTsYeLUTKWram4xUUxVxlLTPXi5kI2BT65ukPdFNDLYGfiObz1E1kNw1hBbqyDlY395UIOXMmOZ365_WkS9KEDt_gd0ShGRrnA&google_hm=NTgzSUIxMDBrQkRFODAwNlYzZlQ
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 7A6E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHELUmxcq88jGVzvVfjVoDc&google_cver=1&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ5bKQShss&google_hm=eS1peFB5dUV0RTJwRUR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ5bKQShss&google_hm=eS1peFB5dUV0RTJwRURDZFZVOWxGbV94aWsyNlllM0JaY35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 28 Dec 2023 18:11:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLHojQbUJ9pRl76jAoYoiIbXESFYODve5EilozKSUDrB5GZCVr1no1jXhhPgG34kPUK-op_ek67vSM66V5Bz7siIZ5bKQShss&google_hm=eS1peFB5dUV0RTJwRURDZFZVOWxGbV94aWsyNlllM0JaY35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7A6E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENZ34gEoCPTXbsOevr9Qbkc&google_cver=1&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENZ34gEoCPTXbsOevr9Qbkc&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs&google_hm=WXI5RUs0dm1rTnFDW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs&google_hm=WXI5RUs0dm1rTnFDWS12UnI0U3E=
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 28 Dec 2023 18:11:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0_0jkLcXWZNGBuYFG5-t_ks4IQxI0RW9uFbzHX9WbsQPS0VBujv6zWt5WLlsEGNLq6YF5p_SY1r76dOGBayPmfTWcPAzvGs&google_hm=WXI5RUs0dm1rTnFDWS12UnI0U3E=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
239
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A6E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQWNU92yOeCCvgSNl4NSdH_PXmT4tKnBFgXhlZhQPdSMgXYwt8Nr-EtRUqqsuncx4jM0JxgYMlVKw_g8i5SNBrDp7K0w77amW8&google_gid=CAESEJxn9ftKSy...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJxn9ftKSyaQuOlphgi92Jc&google_hm=T1BVNjliMzNjMTdlMjI5NDczODhlOTZmNjNhNTA2MzMyNmE&google_nid=opera_norway_as&google_push=AXcoOmQWNU92...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJxn9ftKSyaQuOlphgi92Jc&google_hm=T1BVNjliMzNjMTdlMjI5NDczODhlOTZmNjNhNTA2MzMyNmE&google_nid=opera_norway_as&google_push=AXcoOmQWNU92yOeCCvgSNl4NSdH_PXmT4tKnBFgXhlZhQPdSMgXYwt8Nr-EtRUqqsuncx4jM0JxgYMlVKw_g8i5SNBrDp7K0w77amW8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJxn9ftKSyaQuOlphgi92Jc&google_hm=T1BVNjliMzNjMTdlMjI5NDczODhlOTZmNjNhNTA2MzMyNmE&google_nid=opera_norway_as&google_push=AXcoOmQWNU92yOeCCvgSNl4NSdH_PXmT4tKnBFgXhlZhQPdSMgXYwt8Nr-EtRUqqsuncx4jM0JxgYMlVKw_g8i5SNBrDp7K0w77amW8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7A6E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYKMttzKLAzgVKNa20QAV8nu1gBiKH3A0Z_1XfZYoGwzdskie2O7LzZ_Ge8JK0obxzKrQyVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame E2FF 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7317709702059655527&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7317709702059655527&btr=true&pos=top-right&cid=558342&aid=558342
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
88f4a6164ffbbbcbab2e6b3cd061b919caca2de3e4a69c88c67ee4f8b571054f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
content-length
6042
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame E2FF 		3 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7317709702059655527&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 18:11:00 GMT
content-encoding
br
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
etag
"524465627-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
918
truncated
/ Frame C55C 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93847d298d6665b62e785756a9cdc1044654fe7d69af399b56e221349c026b99

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame E2FF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges
bytes
etag
"502461915"
content-length
3262
content-type
image/png
bgd_300x250.jpg
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/bgd_300x250.jpg?1680188594580
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9927393713550282&output=html&h=280&adk=377845342&adf=2791373073&pi=t.aa~a.3404089767~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1703787059&rafmt=1&to=qs&pwprc=6711635098&format=360x280&url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703787059260&bpp=1&bdt=2355&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939274579570&frm=20&pv=1&ga_vid=246232683.1703787058&ga_sid=1703787058&ga_hid=470107238&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C95320884&oid=2&pvsid=2076560842998984&tmod=1913879467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
9f995e8440ba362aeba6130e1bc2b329b032db16c6dc195a92ea84992f054241

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"373861391"
content-length
3975
content-type
image/jpeg
letter_a.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_a.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
6fe7f0de80b14b57a088584f12bdeb92d9aeea7d75b4897629717b35f5e9c85e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:56 GMT
accept-ranges
bytes
etag
"524690122"
content-length
5406
content-type
image/png
letter_e.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_e.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
cfd7befd64839e1173b32087454902af22cff9963e902b53ffb78e4d6d9a045e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"236956676"
content-length
5003
content-type
image/png
letter_l.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_l.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
d6ac8fc6684619751e1ac570018aafe57ccac20beda4ca730e42b8a102c98ffa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:56 GMT
accept-ranges
bytes
etag
"1106764497"
content-length
4810
content-type
image/png
letter_percent.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_percent.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
392af94528f9ffb1948e828feb7c1ee063915ad94f83b94ddf984a709b48deef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"20327968"
content-length
5546
content-type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A951 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0S5rc9_IrjCokGqNtz5SWOX5SPxFvy04vTqnTZtG8dOwmx1s55iU1WmqCy-N4LhPpeMUCwnp3h7Vd1w3xhh7biU-rgfK6pBCJi9lR7CEj1eiY76RkX2e_kDy4rxekyvbc2oPOlcOcsxPwn6fvWoVMfQq5&sai=AMfl-YS6D1B9VhVDKCUTC0KpzEm_ZiDARpTxNlisSlEVbwU7PQE-QOKc0gXElMi95NxmJoOtVW2G58HqAKYVYeij4Ye5qrfvEwll1F-ECM-GV7ogR5HfFURSEZdICZjfEA9y6jhiaHDsNKeBTngqTZLR-w&sig=Cg0ArKJSzN1yN4BXWUmYEAE&cid=CAQSTwAvHhf_cBRI7OLw2Rosogfc0s-WZhqW1KrZk9672V27s54n_30fMu4GQHn8deeEdgh9F0W_P_3jXLKPXTcgq5rS6jasfF4j2J_M_UnzWH8YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703787059376&rpt=413&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
letter_percent_02.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_percent_02.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
23fc73c938300616bdc13dff22eae90c2d31cf675891840b31c1d66a81d82021

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"3775327975"
content-length
5796
content-type
image/png
letter_s.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/letter_s.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
4dcf81a4accc515e2636c39a7f48a2b4185b56ac6324a510d9786d4f905f0d7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"4140199149"
content-length
5278
content-type
image/png
logo_mu.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/logo_mu.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
4cc7fe92b456f29156db82df7c355cdc8a7132b536cc989b40e6b0d2b7cf1c48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:56 GMT
accept-ranges
bytes
etag
"3846774943"
content-length
2457
content-type
image/png
prod_01.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		900 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/prod_01.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a2c9887357f766acd32ebf4f7df38dd99abd4f32a4f96aab36a8432d6a6d29f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"2792598534"
content-length
900
content-type
image/png
prod_02.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/prod_02.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c636dd211fa2d1e34b630815d9f02c827d94ba8ca25f6bee7af6a37b0d4c95b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:00 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"76180730"
content-length
1171
content-type
image/png
prod_03.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/prod_03.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e9e5166f14756adb809b5e2ca03ff10cc933c8eb4a0302e8d97eb16026d4d2f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:01 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"3910822632"
content-length
1251
content-type
image/png
prod_04.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		710 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/prod_04.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3481a6871569d448b57a7d4ef0a64f95f2af65f7d4520cb0e16d8d19f25e948

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:01 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"2492721727"
content-length
710
content-type
image/png
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vvNX,time:1049,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1045~0%5D,as:%5B677~0.0,368~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:228,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:137%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
server
nginx
x-server-name
dt28.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
prod_05.png
imagesrv.adition.com/banners/268/01/0f/33/12/images/ Frame 8F11 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/0f/33/12/images/prod_05.png?1680188594580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2381b4af8b6bcd4fca02dceb55ed340898aa10e155b0d386d662ab612f1fb930

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/0f/33/12/Mueller_Sale_Grundrauschen_300x250_x_230330_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClsqBM7qNZfTfGfGPvcAP6oOH2Aqi2%5FvIdPH1l%2DnVEdq24u%2DaOBABIMDLpzVg9ZXOgeAEoAH4k9q5AsgBCakCbxYK8J6rsj6oAwHIA5sEqgT6AU%5FQeXtPPGBU8NfoO8jQVjDehgeZcCpeS8h%2Dc%5Ft1kMnQ2M3Dvjz3c4hcWhOcD%5Fu0KLbwO2Kml0KsK5J9eXMnhLWRILI%2DFyCUp%5FIOIsaLPrraLHlQV3DKnyWX6wGxfrYvQ61PBwRCPWbO5NnqYmgbnZXwjj7BCHtfax7uKnFV189FXiJ4mB8nAyMKvnHXQL7qBnM5z3uoUJSdLbMTzTOYM151wz8xrU5Bl0fyoyn9P2Iz2VhDmY%2Djpq9msRH%2D8%2DaEEoSWigXTBozBmqUDnMWH0i1Ty2nXVjPUcsZPJI5zQbL8BXVWVETCIDP6YEQP6qVSXLF6klLakkQypAnABISp5bnABOAEA4gF%5FPS4gU2QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYksfEs92ygwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE%2D3xlhbQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf%5FxgQdYDjysYKBbGMVSnETJhEUsoC8IPtwWsXVINceGu3wS1njxnYWzTbyB1DmohtQIpt90Ni7VBgB%26sig%3DAOD64%5F0gzcqfdSyluObp4JZb0s3jC1j1uw%26client%3Dca%2Dpub%2D9927393713550282%26dbm%5Fc%3DAKAmf%2DA%5F8xfA9BGAgyhf1VqcgWnAB%2DwN5HiXXxpgbavMNm%2DgvrOp%5FGjpIbh1ra7uHqb7xoBS7OiKbpK1Q1S%2DurdxGphvYwn9V1FBdISIpsTRPaxTcNlMbzlTOKmFEgKQHfXzbRYAS1lfyeeaWAXXpoBq57ZgJ7EkpuoTgDSa%2DeMlgLfhF45zwvI%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDyFVnZHp3XtMLgtVbEch2m%2DzKzlM8vWH%5F5rza0ghrL3NXO6z%2DGoVGYvH%5FBq0%5FCvWuwSS4RX4la99I9%2DDdV4ENCrPLaAEMxqk34hdmoSioB%5FBmWxHVyUYPJc9yewcucGdPHQMsmMEOPng%5FlvPmE37hZ%2DZoc9f5uQHV6CjJVc6UlE4XxmL1qfUO7LgOW6NzcjGmH4xH%2DGEyn7nZhkXd6Lq9CyUIqBfrCDOxbihVThFshXptVTJHCKYT6nKg2ZkZ2pzKdkB99%2DuY3yj90vVcWG%5FpEdnzBi01e%5Fc6r2E9tMUyOnAhiorbDfrexE2BODV56%5FFieCBoBuh62HK9bTqJLpVtd58GyxeMIIO33NaKK8ILA1g4VDm%2DpVyqph94mVnNbXjzSpups93ws2blKKAOIQtGgulZxcmgbe8267Bj3zzeMKA3mEH%5FJ6N2piSJl5ij7Na2VUetIFHtBMfu98Du6G5rqS7ZrxVJiwuJRDZo7mw6RS4J72VSeNtBzlucBo8HVk1oo7vhRtYvTRtO9w4yJqDo%2DyR6bM4tTNgLWbrWBb8vAWu1duTc%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7317709702059655527%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D1689%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7317709702063719638%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7317709697785332071%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17773330%2526c%253D32692%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Dec 2023 18:11:01 GMT
last-modified
Thu, 20 Apr 2023 09:39:57 GMT
accept-ranges
bytes
etag
"4135759387"
content-length
1856
content-type
image/png
collect
l.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://owo.vn/neu-ma/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://owo.vn
Date
Thu, 28 Dec 2023 18:11:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
gen_204
pagead2.googlesyndication.com/pagead/ Frame C55C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7907435931400&version=m202309260101&ct=76&x=1&cor=17201279820529598000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C55C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9kTOpEh_hDS2wdX-MzR1tjh_GH7_5CgAh-B9BiSMuWlWvoq3Gs9bee0y8awdYOxNYBFINfwb_1-Qad4gJEXQKEuagOUIVOEEwG9n5vYbd7vSWTq3w8DWQR5Eu2zF_j_gbu3u2AhO4rI2matOKoqaLlaAa&sai=AMfl-YQqJS5qnWbLLdTqSgZ7RI5T_rzZt5jPpc4FLzxtx4rXSEa_tU1rA74Xc2ZW0hnE3qrmDV1rY4f2g9dvHOVjTyV34BW-dqnb1erZxLTSjXin5NfDO-AX6xox1NBIMMK9BzUkaaiCJnxvRHohosg6aw&sig=Cg0ArKJSzBvtUDmWbKujEAE&cid=CAQSTwAvHhf_cBRI7OLw2Rosogfc0s-WZhqW1KrZk9672V27s54n_30fMu4GQHn8deeEdgh9F0W_P_3jXLKPXTcgq5rS6jasfF4j2J_M_UnzWH8YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703787059423&rpt=386&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2FF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2754550091870&version=m202309260101&ct=77&x=1&cor=17726378969594253000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 082E 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time
1703787062080
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/OZjWSxbEh4Y?
X-YouTube-Client-Version
1.20231217.00.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
CgtXaUpWTndXOEtjayiz9LasBjIKCgJDSBIEGgAgaQ%3D%3D
X-YouTube-Ad-Signals
dt=1703787059602&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C422&vis=1&wgl=true&ca_type=image&bid=ANyPxKpHZmZGGJ-F69FXupBcvKBj_gh2K1QUQoIsq8TF7ummRT-UdxyDBMM5X714Rp6UDTPP-txfQPIHDz2B59lFfe7ZFD57oA

Response headers

date
Thu, 28 Dec 2023 18:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Thu, 28 Dec 2023 18:11:02 GMT
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vwej,pingTime:1,time:2683,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D,%7Br:r,w:160,h:600,t:681%7D,%7Bpiv:100,vs:i,r:,t:1682%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1682,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1678~0,0~100%5D,as:%5B677~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1682,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:137%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:02 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C55C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1860407&asId=c43e03f5-22b4-1274-3622-8669521df902&tv=%7Bc:y7vwej,pingTime:1,time:2683,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D,%7Br:r,w:160,h:600,t:681%7D,%7Bpiv:100,vs:i,r:,t:1682%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1682,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1678~0,0~100%5D,as:%5B677~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1682,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tZL6RZW+11%7C12%7C13%7C14%7C1511%7C16%7C17%7C1811%7C1812%7C191%7C192%7C1a1*.1860407-77125228%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:137%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:cd5:899e:b17a:f69d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 18:11:02 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059216&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=192&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059408&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture undefined| $ function| jQuery function| getuhchatCookie function| setuhchatCookie number| vitridau function| uhchatClick boolean| uhchatduplicate function| LazyLoad function| optimocha_getCookie function| optimocha_check_wc_cart_script object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| clarity function| fbAsyncInit object| wc_cart_fragments_params object| genesis_responsive_menu object| genesisMenuParams object| genesisMenusUnchecked object| genesisMenus object| menusToCombine function| Cookies object| addComment string| google_user_agent_client_hint object| FB function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag

36 Cookies

Domain/Path Name / Value
uhchat.net/chat Name: thoigianvao0be7c1
Value: 1703787058
uhchat.net/chat Name: chattudong0be7c1
Value: 1703787058
owo.vn/ Name: uhchatrelock
Value: 0
www.clarity.ms/ Name: CLID
Value: e94e408df9d14e75b852206532f7e91f.20231228.20241227
.owo.vn/ Name: _clck
Value: 1ized7m%7C2%7Cfhx%7C0%7C1457
.owo.vn/ Name: _clsk
Value: 1r9a84z%7C1703787058892%7C1%7C1%7Cl.clarity.ms%2Fcollect
.owo.vn/ Name: __gads
Value: ID=cb92e3c60995ce02:T=1703787058:RT=1703787058:S=ALNI_MYasj_kBtplPDu8_G4h9hfkeknCMA
.owo.vn/ Name: __gpi
Value: UID=00000d2eef2d12c8:T=1703787058:RT=1703787058:S=ALNI_MZw9KVo1QjegRp1fxoW7sSMIzTArg
.youtube.com/ Name: YSC
Value: ll_fBwAWA4s
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WiJVNwW8Kck
.bing.com/ Name: MUID
Value: 22DA663E27E76CA62C9475CB264B6D74
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 22DA663E27E76CA62C9475CB264B6D74
.casalemedia.com/ Name: CMID
Value: ZY26MxKMFqBZJe8SHS.bfQAA
.casalemedia.com/ Name: CMPS
Value: 5210
.casalemedia.com/ Name: CMPRO
Value: 5210
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 22DA663E27E76CA62C9475CB264B6D74
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkkD_BOlGDhZ4aJGGH0O9Yc3GOYZKFcdNYrealjCc0oJyCKAs7GZTF_7TgXGBA
.adfarm1.adition.com/ Name: UserID1
Value: 7317709697785332071
.6sc.co/ Name: 6suuid
Value: b46411021dd2390034ba8d6571000000ea5f9700
.adfarm1.adition.com/ Name: lv_5626024
Value: w=4787111|t=1703787059
.doubleclick.net/ Name: ar_debug
Value: 1
.adfarm1.adition.com/ Name: lv_5609187
Value: w=4389193|t=1703787059
.quantserve.com/ Name: d
Value: EFABCQHiKoEA
.quantserve.com/ Name: mc
Value: 658dba34-9ea7b-62777-426f6
.adx.opera.com/ Name: UID
Value: OPU69b33c17e22947388e96f63a5063326a
.yahoo.com/ Name: A3
Value: d=AQABBDS6jWUCEDXl9mtEAiOsYBm7GLUy3Q0FEgEBAQELj2WXZQAAAAAA_eMAAA&S=AQAAApcE4CkJu_Gdro1xCt_YbLU
.zemanta.com/ Name: zuid
Value: Yr9EK4vmkNqCY-vRr4Sq
.c.appier.net/ Name: _auid
Value: B3rkcof8DROt4DNBNbqNZQ
.c.appier.net/ Name: _gu
Value: CAESEHCnfeuNEjpz44-cYf7e0T4
.r-ad.ne.jp/ Name: r_ad_token
Value: 583IB100kBDE8006V3fT
.turn.com/ Name: uid
Value: 8266755238869522432

4 Console Messages

Source Level URL
Text
javascript error URL: https://owo.vn/neu-ma/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059216&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://owo.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059216&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://owo.vn/neu-ma/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=192&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059408&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://owo.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ec5b9edfc78%26domain%3Dowo.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fowo.vn%252Ff3715b6b69d7c9%26relation%3Dparent.parent&current_url=https%3A%2F%2Fowo.vn%2Fneu-ma%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=192&locale=vi_VN&log_id=7193ec80-3786-4522-9c70-c5bee7174054&logged_in_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&logged_out_greeting=Mr%20Kh%C3%A1nh%200963138666%20xin%20ch%C3%A0o%20b%E1%BA%A1n!%20T%C3%B4i%20c%C3%B3%20th%E1%BB%83%20gi%C3%BAp%20g%C3%AC%20cho%20b%E1%BA%A1n%20kh%C3%B4ng%3F&page_id=105764484141764&request_time=1703787059408&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.doubleclick.net
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
b1sync.zemanta.com
c.bing.com
c.clarity.ms
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
cs.r-ad.ne.jp
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
imagesrv.adition.com
jnn-pa.googleapis.com
l.clarity.ms
owo.vn
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
s0.2mdn.net
static.adsafeprotected.com
static.doubleclick.net
t.6sc.co
t.adx.opera.com
tpc.googlesyndication.com
uhchat.net
www.clarity.ms
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.facebook.com
104.18.36.155
142.250.181.230
142.250.186.66
172.104.105.5
18.177.11.95
2.17.100.184
20.120.65.166
216.58.206.34
217.79.188.21
217.79.188.46
217.79.188.59
2600:1f13:800:7781:cd5:899e:b17a:f69d
2600:9000:20ab:e800:8:48e:53c0:93a1
2606:4700:3034::ac43:a77f
2606:4700:3037::6815:267b
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:808::2006
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2016
2a00:1450:4001:831::200a
2a02:26f0:3500:11::215:14cb
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:97f5:4393:5614:bb1a
46.228.164.11
52.209.226.11
64.74.236.95
68.219.88.97
82.145.213.8
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02c3d40f5a164d5cebbd5e276182d1f73802521d3fc9420c54d6f55716637682
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0b1268d82717b049c3ccabaa897ec15bee4b2fa1d899ef8f12cb9c704313daee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10401ac06ae4223f73fa2a344d85263b8f01dbac3b8e29aa5f1b259ff38c6b10
15501b895259da7c075bbd1ea995860c4639cab601bea198ff0774474ecbf6d3
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
203881ea967d9b49467424b4425e2108d2946f70f5713bde4b86c53dcbd0e6ee
20f3156123e8c6d51bd8b524f23ba9a7e0245b188dc7d87b1ba272be3d886e9e
2381b4af8b6bcd4fca02dceb55ed340898aa10e155b0d386d662ab612f1fb930
23fc73c938300616bdc13dff22eae90c2d31cf675891840b31c1d66a81d82021
2440613ec7e16e34670890d4af5ac108dd69a770d2e0a11f6ea58793b278c59d
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27dff78f585f6fbb72773afbfac0dcc2bc52437fee2fc63fdfb30abee592d025
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35ecd81219684605c1ba4264495f5d1280c1e72d76c5f8d6c5a67666b6b689fb
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
392af94528f9ffb1948e828feb7c1ee063915ad94f83b94ddf984a709b48deef
3958c5810faeec852821ed63b98dd4b101f2220ca6d839e94a32fcd26571ff10
3b8f1ba8fe652c356d5e0ec0b158a5a34280470d564fb12788fe6479c694e024
3bbabd7a756134c28330f44e37d16d17350c7ff99342bd72d85387846457548e
3c366012f38dca01ffac478b10c620bcea3e773e75c5dd067abcc1b667095441
3d243724e397b928a15de4b7ea42cce2aa6fb8a45a76c0d28346de289401a1b7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4407ed6ee8d4bf80c31efbebaf0af9c89fb1e35d3eef458186ad2972e355515b
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49585be808b6675a64e868eed81caa0f3a480cc623821fd6dc924917290c923d
4cc7fe92b456f29156db82df7c355cdc8a7132b536cc989b40e6b0d2b7cf1c48
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dcf81a4accc515e2636c39a7f48a2b4185b56ac6324a510d9786d4f905f0d7f
4fa0fa22c8b16c30840d143d038022221877cf00beb6cd9ca402a1aaf6212e28
5319c94823585e739f61ed33e6f6e066422796acdacefda6fb135220786110eb
53995c36d88e2295655238ae0dcf6024d5cf35fecb67602d49d0a30d8f54f552
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
59ea9ab170419b74a62021ccf7541281cb5b0a2da05d4b7aaafbec92c91ffd05
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6250ccbcd62c9edbc0e9cc8a39ae7c3a5afd7705d129bae6cec75df738fac01e
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
64ecb32988464ab201da71e9a2f55c11ad53a8d668a88da0b046b25319f9a432
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c4fdaa68e77aa16ff51257f69ff8f8301279478ffdbb37f380591c621f1f4aa
6f517ea6ea6cd55285b61d90dc256015c22bb9fc9cc3a16384860623bd1dcb6b
6fe7f0de80b14b57a088584f12bdeb92d9aeea7d75b4897629717b35f5e9c85e
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7150e6de30fc2652cfc6bf6cd0b55afb42055483d4c16442dd8d6aaab6b467b4
7499d7be95e3c0434bae2928f93d5cfdb3246b712774208c90dec6c78c180f7e
773fb5adec327ce13eb809dd30a269058bbc09c6fbf0e42c8db07d8c97d9ae88
7ae7373574a9f4b6ebd1f5d141724b50d43e799671709339bdb39e30a8a0b3a5
7fd05182f9fe1a9652cae1fa97c9c4eaef2e4774a8a9e4f50288fc49721797e3
851503e2982486034cdd7abff85744944a29e3d7d61317af2297682507a7698e
85bd0a750c57573df2c196f046712c19af7fd05afa6c81664d1cc1a5649bef65
86a37cb1e02fd42c193efcb4543f511cd74bdd9d47a89dbfff49633784951f3b
86e3f471be2bcdec677c4227dab41bc5ec875268f3b75c4458ce6bbf77b922d0
88f4a6164ffbbbcbab2e6b3cd061b919caca2de3e4a69c88c67ee4f8b571054f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
93847d298d6665b62e785756a9cdc1044654fe7d69af399b56e221349c026b99
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f995e8440ba362aeba6130e1bc2b329b032db16c6dc195a92ea84992f054241
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e79b307c343dc0165e65b0f8420facbdb366728f576aee60ba07b5de578fe
a12842390c74424ff31cb1a869cd98863468e14d49fd4f147747575b2225781c
a230188fa5bf5d038e6c5aa630498ade511402176fd76ec62ad0c6ee3bf5b79c
a2c9887357f766acd32ebf4f7df38dd99abd4f32a4f96aab36a8432d6a6d29f3
a47434673417d094780b85a52831ee73f266a66c3796f9675793511fcc4cd575
a6dc1fda9f7d83b4c034b4ac38cdd63b743ffbdddce1f52ff8d68ebad4610966
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34986a42075a5c29f6854661606a60377e5173c6fd8f6ebf943ca76ef12b6c2
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd95cdc94837b2b710952fc5bb3483130013ff18e99bc76c317fad9583eb1967
be83b5c6db77cc48ecd6c61440e62f3d3f43f62681f2a48dd805443f9ac54a57
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c41241144673359d6382c0e0bb4a3b5410194ff9631621414b02efe113f86ec7
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c636dd211fa2d1e34b630815d9f02c827d94ba8ca25f6bee7af6a37b0d4c95b0
c961c13ec5b0b257ee7049bdeb1078def025e3ee6c02ca609b6a45e2ca48056f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb53c0d88b880c417229e8d5796510c4ba60ee6df61b9bad86054b8b9f6bf77
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf3ec89eaa7c3d665d75d3dc03c8e6e6f9ff0c0b667e673609ed63a0fca0c52c
cfd7befd64839e1173b32087454902af22cff9963e902b53ffb78e4d6d9a045e
d6ac8fc6684619751e1ac570018aafe57ccac20beda4ca730e42b8a102c98ffa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
d9282b44a446a2c47ea968053b5718fbabbe56d6c31721be11375b7d7a160c53
d9a0ea3ed0a532235f43687379683fbdb984083bbdc311bd91a23c6d21f3cc72
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e05fb8d54f53f25dab931a4f41c1d4ad724e95ed0759703cd47185a77bcce41a
e07d0e3d10573cf270a43fd18e4f34d7df2154df4bf72a36bf662edeb15e60ab
e13ee2954e5216e60826ca1c89443bd2c21a11014839911b0bf7c00bf5272b49
e3481a6871569d448b57a7d4ef0a64f95f2af65f7d4520cb0e16d8d19f25e948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e58ebfe3d43f281e19d12cdb6264e0a000c4ebe03a7f3fe90597e5db4b5f22
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e9e5166f14756adb809b5e2ca03ff10cc933c8eb4a0302e8d97eb16026d4d2f4
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03055875414ccf6af72ab977c7d6e3d6ddf2cbcec55c14441a68be13a894575
f4f87a8d3c9614d5963e8938243cf994556526a4122042d3cf1ca6c93d8e8d02
f515534d19d71fe46d1a70045ce308eb809fc4a30f77f50010887ff1ee69ca29
f827c6fcb8de7959f04b6ba8453eaea3062c8178ddbd12244117dc45372d8efa
f9313751d20148e0539126286d07440c2ed3ca722521a214ffb926e5f36f925c
ffdbd584d26f1cafa722b9796b27b77c0970a405ae30440a8eb60c5fd275be8a