vivanews.asia Open in urlscan Pro
45.76.76.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vivanews.asia/
Submission: On December 07 via manual (December 7th 2022, 6:09:58 pm UTC) from CA — Scanned from CA

Summary HTTP 173 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 17 domains to perform 173 HTTP transactions. The main IP is 45.76.76.61, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is vivanews.asia. The Cisco Umbrella rank of the primary domain is 25065.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 1st 2022. Valid for: 3 months.

This is the only time vivanews.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
85	45.76.76.61 45.76.76.61	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
3 11	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
3 5	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	27281 (QUANTCAST) (QUANTCAST)
1 1	20.242.10.199 20.242.10.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.73.27.182 52.73.27.182	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
173	18

85 45.76.76.61 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.76.61.vultrusercontent.com

vivanews.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:816::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:80b::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.176.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.186 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80f::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN27281 (QUANTCAST, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.242.10.199 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.27.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-27-182.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.226 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	vivanews.asia vivanews.asia — Cisco Umbrella Rank: 25065	2 MB
35	googlesyndication.com 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144 pagead2.googlesyndication.com — Cisco Umbrella Rank: 109	353 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316	220 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	993 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467	5 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 734	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	94 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 13098	914 B
2	gstatic.com fonts.gstatic.com	31 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3980	461 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	516 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1148	769 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 4064	622 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 721	464 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	1 KB
173	17

	Domain	Requested by
85	vivanews.asia	vivanews.asia
20	pagead2.googlesyndication.com	5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net s0.2mdn.net
16	s0.2mdn.net	vivanews.asia s0.2mdn.net
13	tpc.googlesyndication.com	5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	vivanews.asia securepubads.g.doubleclick.net 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com www.googletagservices.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	vivanews.asia
2	image6.pubmatic.com	2 redirects
2	www.googletagservices.com	5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.ca	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cc.adingo.jp	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	1 redirects
1	beacon.walmart.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	vivanews.asia
173	24

This site contains no links.

Subject Issuer	Validity	Valid
vivanews.asia ZeroSSL RSA Domain Secure Site CA	`2022-12-01` - `2023-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://vivanews.asia/
Frame ID: 5476CB734CC9A953E4E738E9AAA1CEC0
Requests: 97 HTTP requests in this frame

Frame: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DE252A8BE3FA30CF9A35CA095533421
Requests: 1 HTTP requests in this frame

Frame: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E0AC59ED3AC0ECBFDA77C82A417F625
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: A90A8FF856FDF16A385979C65A2FC17C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=3279755399&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=5&bdt=245&idt=189&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&nras=1&correlator=6802309372592&frm=24&ife=3&pv=2&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t7gpdtdhahyj&fsb=1&dtd=260
Frame ID: 2EFFB3567A44FE1CBD271AC932BE195E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Frame ID: 678242E2A0EA43FE963E3A09DC613800
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D22A8654163A0870E6A1A2A2FCF5562B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 232036489D1ABDD6C56C12A03EBFD4C2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 913DB1E29E6C685EBC54607FC91A5BB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5950F2572DACC90504F224BFDAC3FD1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Frame ID: 31A7130FA345C44C141E810751E832B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0EA8C3FCC8206D2B05DCA8C09EEE0B3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCBD130EF561BF70226101001A4A3F0D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Frame ID: 64701CB099DF95F8B547C1755CC021D5
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Frame ID: F8DA8F381EF88F776CC65894968279AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VivaGames - Play Games In Browser

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

173
Requests

94 %
HTTPS

52 %
IPv6

17
Domains

24
Subdomains

18
IPs

2
Countries

3847 kB
Transfer

5576 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5DW8LNfJW9dzBIaockglwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D

Request Chain 144

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM

Request Chain 145

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKH5IA4HJ-TWAmMex8ODvqI&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU

Request Chain 146

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM0Gxpa7a2uh0JHD0qH_qY0&google_cver=1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM0Gxpa7a2uh0JHD0qH_qY0&google_cver=1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZp750k3nqcrr6Eykq7GnE&google_cver=1&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE

Request Chain 148

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_cver=1&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ

Request Chain 149

https://cc.adingo.jp/adx/push/?google_gid=CAESEKdV8SNYM2GnFvEKJ7frtGE&google_cver=1&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef

173 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vivanews.asia/ 54 KB
10 KB 493ms
241ms Document
text/html 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

b7b72cf5893cd988fcaf9a5adbabb9bf7a521affe75b59590f6dfb3a1f4945fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 18:09:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://vivanews.asia/wp-json/>; rel="https://api.w.org/"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
vivanews.asia/wp-includes/css/dist/block-library/ 93 KB
15 KB 114ms
111ms Stylesheet
text/css 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-172a9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 classic-themes.min.css
vivanews.asia/wp-includes/css/ 217 B
463 B 115ms
112ms Stylesheet
text/css 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: "63888a94-d9"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 style.css
vivanews.asia/wp-content/themes/kizitheme/ 16 KB
4 KB 119ms
116ms Stylesheet
text/css 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

acc32c1030654659ed8e167d5c82ef5ad511261b6140a82f4874c3e389bf4d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: W/"638433af-3ee2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 skeleton.css
vivanews.asia/wp-content/themes/kizitheme/css/ 13 KB
2 KB 124ms
121ms Stylesheet
text/css 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/css/skeleton.css?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

6f0a78384a5fe1f2ccf0f887dbb4f7adc0746427ad847f7f0f37fb61fc641860

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: W/"638433af-327c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 iconfont.css
vivanews.asia/wp-content/themes/kizitheme/css/ 5 KB
2 KB 159ms
157ms Stylesheet
text/css 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

f3143ea841f3c387fc23d61a9932cd0d6aede512772392950834402812bda65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: W/"638433af-14d6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 87ms
37ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 17:14:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 18:09:49 GMT

GET
H2 200 jquery.min.js Show response
vivanews.asia/wp-includes/js/jquery/ 88 KB
34 KB 189ms
187ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-15e54"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
vivanews.asia/wp-includes/js/jquery/ 11 KB
5 KB 232ms
231ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 112ms
41ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74b1553a8bc02b258d9607e3b6be0d38c69787670259db355120226bb9eb868e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27549
x-xss-protection: 0
server: sffe
etag: "1414 / 261 of 1000 / last-modified: 1670414902"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
H2 200 vivanews.png
vivanews.asia/wp-content/uploads/2022/11/ 17 KB
17 KB 129ms
95ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/vivanews.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

e3e2e029a91b0e0b3759ce3b13e3ec4f214e62d8b9d99f1ae05e5661ff234bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Tue, 29 Nov 2022 20:48:11 GMT
server: nginx
etag: "6386700b-43c4"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17348
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Earn-to-Die-1_1432296216.png
vivanews.asia/wp-content/uploads/thumbs/custom/E/ 63 KB
63 KB 146ms
112ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/E/Earn-to-Die-1_1432296216.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

956565d639de5e0d44c98b8deb304a86938aec1d8ddf321190ae57d291ae69eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:53:47 GMT
server: nginx
etag: "638a1f8b-fc2d"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64557
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Crossy-Road-300x300.webp
vivanews.asia/wp-content/uploads/2022/12/ 58 KB
58 KB 190ms
156ms Image
image/webp 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/12/Crossy-Road-300x300.webp

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

4bd4c275f007d9e466783a2fce6bde0c35f098135b8f5afb6deda1dda03c4fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:35:24 GMT
server: nginx
etag: "638a375c-e882"
content-type: image/webp
accept-ranges: bytes
content-length: 59522
x-xss-protection: 1; mode=block

GET
H2 200 sheep-underground.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 71 KB
71 KB 191ms
157ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/sheep-underground.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

5ed7f70e7c632f089ed340524dec67ba19c429841264beaf2be345c2c27f8c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:48:53 GMT
server: nginx
etag: "638a1e65-11cbb"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 72891
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 super-mario-bros-1652945785.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 13 KB
13 KB 191ms
157ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/super-mario-bros-1652945785.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

ad78ff58114e92438a9a3e8aca9cefa822cd173ac669694f864520cb75643dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:47:07 GMT
server: nginx
etag: "638a1dfb-3213"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12819
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 pokevolve-1652778082.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/P/ 13 KB
13 KB 191ms
157ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/P/pokevolve-1652778082.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

2805a9706647dc3f67f18c7ab7450ba356368fbd6438c315de89ab9eef123edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:41:47 GMT
server: nginx
etag: "638a1cbb-341e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13342
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 WHACKYOURBOSS-300x300.jpg
vivanews.asia/wp-content/uploads/2022/12/ 18 KB
18 KB 288ms
254ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/12/WHACKYOURBOSS-300x300.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

82d885b57ea9266031e7efea885e247e8c8f4b146651017118188191056f51f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:32:20 GMT
server: nginx
etag: "638a36a4-4732"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18226
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 noob-vs-zombies-1655296006.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/ 47 KB
47 KB 293ms
260ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/N/noob-vs-zombies-1655296006.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

208811b594100e86eb5f1732277c45e426905bca9c94a05bc1fc63af88bb6d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:34:14 GMT
server: nginx
etag: "638a1af6-bb9b"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48027
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 pixel-shooter-1659952182.png
vivanews.asia/wp-content/uploads/thumbs/custom/P/ 43 KB
43 KB 308ms
275ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/P/pixel-shooter-1659952182.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

1ebfd680b72b9825db5e9905ddc7634583d547e4f8935b74c4c77464fadaa9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:31:29 GMT
server: nginx
etag: "638a1a51-abb8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43960
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 murder-1558376048.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/M/ 9 KB
9 KB 319ms
286ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/M/murder-1558376048.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

f87b71f6a3914637476b44314228411f992ac30cab2ca55b2570ab1cce6125e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:29:59 GMT
server: nginx
etag: "638a19f7-24bd"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9405
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 noob-fall-1657266717.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/ 40 KB
40 KB 324ms
291ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/N/noob-fall-1657266717.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

4a2bf31cb7fc5fa522dfb7e0b849d200c10f8f5a6df38ba892bd084f0b9f0562

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:25:43 GMT
server: nginx
etag: "638a18f7-9faf"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40879
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 stick-merge-1654082995.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 12 KB
12 KB 334ms
301ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/stick-merge-1654082995.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

9b1b696ec3f788a517f464a3341906262f687aa000abf6b4120ca1f2b0baffef

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:23:53 GMT
server: nginx
etag: "638a1889-2e93"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11923
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 fall-guys-and-girls-1659946066.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 77 KB
77 KB 337ms
305ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fall-guys-and-girls-1659946066.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

32afc45d62308807fbf43cb70066e87de99e270ffc172031c71d8a8f01b2787d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:21:55 GMT
server: nginx
etag: "638a1813-13490"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 78992
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 canyon-defense-1666341982.png
vivanews.asia/wp-content/uploads/thumbs/custom/C/ 82 KB
82 KB 355ms
323ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/C/canyon-defense-1666341982.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

dd0037b1381eda94026ab71bf518b6d2533f18a7592db9dce036ae7194fb7892

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 15:15:09 GMT
server: nginx
etag: "638a167d-147ea"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 83946
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 age-of-war-prehistoric-1658489597.png
vivanews.asia/wp-content/uploads/thumbs/custom/A/ 14 KB
14 KB 358ms
326ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/A/age-of-war-prehistoric-1658489597.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

3123931d2096e41866151ecbb3e392c4078fc19902e226036fa837ab764d0a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:50:55 GMT
server: nginx
etag: "63885cdf-36f8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14072
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 imposter-battle-royale-1659951709.png
vivanews.asia/wp-content/uploads/thumbs/custom/I/ 68 KB
69 KB 359ms
326ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/I/imposter-battle-royale-1659951709.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

be51d196e9c1f842bb0d70cc2244d83b5635bd0219e533794ce62d86c702db4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:47:38 GMT
server: nginx
etag: "63885c1a-111e0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 70112
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 narrowone-1622488766.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/N/ 10 KB
11 KB 359ms
327ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/N/narrowone-1622488766.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

feca5d03b4626f7f5c63f64b33921ac8ea924404f504645d06aed7a3cbf6df7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:38:34 GMT
server: nginx
etag: "638859fa-2960"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10592
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 toon-cup-2022-1660496767.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/T/ 12 KB
12 KB 359ms
327ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/T/toon-cup-2022-1660496767.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

e7fe619fdeea2d0899b235da6eb39403a0f793b934a0004dba02660618098f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:36:47 GMT
server: nginx
etag: "6388598f-302d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12333
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 home-sheep-home-1665390440.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/ 10 KB
10 KB 360ms
328ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/H/home-sheep-home-1665390440.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

0b6b927ed49b35cafb9649f4e46e95d5887b07f36a4b07b26f92dab06df1e3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:33:50 GMT
server: nginx
etag: "638858de-26b6"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9910
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Nickelodeon-Hardest-Game-Ever_1438461632-1.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/ 79 KB
79 KB 360ms
329ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/N/Nickelodeon-Hardest-Game-Ever_1438461632-1.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

443b42a7369c5d664b2743ecd813f175b7b927fa62fc21837d24c88603f964b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 07:24:47 GMT
server: nginx
etag: "638856bf-13c2e"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 80942
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 NYAN-CAT-FLY.jpg
vivanews.asia/wp-content/uploads/2022/11/ 43 KB
43 KB 361ms
330ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/NYAN-CAT-FLY.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

d5a391bc4a4fde724d0720d2f7216153ddac2456c8108b4267b0aaafec02dcf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:39:14 GMT
server: nginx
etag: "638a3842-aab1"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43697
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 heads-arena-soccer-all-stars-1660897040.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/ 12 KB
13 KB 367ms
336ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/H/heads-arena-soccer-all-stars-1660897040.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

5f15609dae773a4b3e3ff0893c694e0a728145bbc6be9fdd9898a56aeab834df

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:38:04 GMT
server: nginx
etag: "6384817c-31da"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12762
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 bacon-may-die.png
vivanews.asia/wp-content/uploads/2022/11/ 46 KB
47 KB 368ms
337ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/bacon-may-die.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

c2da550fb7091e629770f57aef5ae7be0e5460e39564b13ca5c7190ab9f3df66

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:42:44 GMT
server: nginx
etag: "638a3914-b9da"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47578
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 angry-ducks-1647528246.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/A/ 9 KB
9 KB 368ms
338ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/A/angry-ducks-1647528246.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

8d517631a58883faff47882e248f70964c65168e26ab649b47487e8c6ceca440

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:32:06 GMT
server: nginx
etag: "63848016-2349"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9033
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 frozendouble_1508143818.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 13 KB
13 KB 369ms
338ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/frozendouble_1508143818.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

40b5ee037cd0cdbcedaa693bf1ada6374bc34230dc5dbb8c6554944e318dfa8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:28:46 GMT
server: nginx
etag: "63847f4e-32e1"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13025
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 subway-surfers-spacestation-300x300.jpg
vivanews.asia/wp-content/uploads/2022/11/ 27 KB
27 KB 369ms
339ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/subway-surfers-spacestation-300x300.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

e7b959c432c42ff7654354fe0cda58079e4681e9476e3a243630515014125aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:45:42 GMT
server: nginx
etag: "638a39c6-6b67"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27495
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 FRIDAY-NIGHT-FUNKIN.png
vivanews.asia/wp-content/uploads/2022/11/ 94 KB
94 KB 370ms
339ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/FRIDAY-NIGHT-FUNKIN.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

3cb13fe352e70a3164b48c06d7f3351827d2ab1c49f6b8e5f459fb3e7bb3591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:50:31 GMT
server: nginx
etag: "638a3ae7-17661"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 95841
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 blockpost-online-1657611391.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/ 7 KB
7 KB 370ms
340ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/B/blockpost-online-1657611391.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

27ebb4b9fba54c26f207d200001889e4e123c0ad2dcd3ab05c2d8b0d6255521f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:21:33 GMT
server: nginx
etag: "63847d9d-1d01"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7425
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 raft-wars-1663420820.png
vivanews.asia/wp-content/uploads/thumbs/custom/R/ 73 KB
74 KB 370ms
340ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/R/raft-wars-1663420820.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

08fee21e5d5837b83dfc57550ef625c8101383b797d041e00b2203c835953223

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:18:41 GMT
server: nginx
etag: "63847cf1-12566"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 75110
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 fnf-2-player-1634827143.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 56 KB
56 KB 370ms
340ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fnf-2-player-1634827143.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

39f99fad5216bf62dbe0b75f585d68d7bb464810534fdc777f0fade6eb18df87

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 09:15:45 GMT
server: nginx
etag: "63847c41-e0b2"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 57522
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 hello-neighbor-alpha-4-1663069921.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/ 9 KB
9 KB 371ms
341ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/H/hello-neighbor-alpha-4-1663069921.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

f238e8708c8806ff68bf6d9b3f1bebc1501f91f7d336f72626d84072867d0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:46:17 GMT
server: nginx
etag: "63846749-247b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9339
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 motox3m.png
vivanews.asia/wp-content/uploads/2022/11/ 32 KB
33 KB 371ms
341ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/motox3m.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

7a0cb33ad56641087f3b9355a126591f57957c1dd8175a46f38d51834bdd8a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:30:42 GMT
server: nginx
etag: "638a3642-8137"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33079
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 zuma-high-speed-challenge-1666608874.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/Z/ 9 KB
9 KB 371ms
342ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/Z/zuma-high-speed-challenge-1666608874.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

67873e867f80a4e38ed77b2d2e470ffdc7404629233f6dd0c0ae060eb23b55a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:39:47 GMT
server: nginx
etag: "638465c3-2419"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9241
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 lets-color-noob-1667388622-1.png
vivanews.asia/wp-content/uploads/thumbs/custom/L/ 51 KB
51 KB 371ms
342ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/L/lets-color-noob-1667388622-1.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

ef6ff0da6c661c0c96c5cbb4e79cc930dffd2a11a80b1cf6796ea973d9c11c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:38:18 GMT
server: nginx
etag: "6384656a-ca45"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 51781
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 zuma-deluxe-1668145032.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/Z/ 15 KB
15 KB 372ms
343ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/Z/zuma-deluxe-1668145032.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

104f4f425ec150d76ff783bea28bb49a1f5f743305189ea91f34d79f3d95b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:31:53 GMT
server: nginx
etag: "638463e9-3b44"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15172
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 the-worlds-easyest-game_1503914933.png
vivanews.asia/wp-content/uploads/thumbs/custom/T/ 58 KB
58 KB 372ms
343ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/T/the-worlds-easyest-game_1503914933.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

dc6c10f75c0d86ce0a49a6c64440bfb7d996010f3fa6767d9c2384c7f43163c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:28:24 GMT
server: nginx
etag: "63846318-e7b8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59320
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 friday-night-funkin-hd-1620120645.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 7 KB
7 KB 372ms
343ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/friday-night-funkin-hd-1620120645.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

b83870f8305b8900262de8381157f408d91e044be196880218d8ee00a58f8e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:26:51 GMT
server: nginx
etag: "638462bb-1c2b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7211
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 papa-scooperia-1654592513.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/P/ 13 KB
13 KB 372ms
344ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/P/papa-scooperia-1654592513.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

c1edcc780d23377ea9c7e15b2a064085d1879bbe909e9c36f642021e8bb96743

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:24:26 GMT
server: nginx
etag: "6384622a-3204"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12804
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 RetroBowl2.png
vivanews.asia/wp-content/uploads/2022/11/ 8 KB
8 KB 373ms
344ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/RetroBowl2.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

3501a3ec0d024163ef992e0e5f87552d17569e23bcea1e69447f64179d614637

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:29:21 GMT
server: nginx
etag: "638a35f1-20e8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8424
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Glenn-Martin-Dental-Adventure_1432468062.png
vivanews.asia/wp-content/uploads/thumbs/custom/G/ 58 KB
58 KB 373ms
345ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/G/Glenn-Martin-Dental-Adventure_1432468062.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

a994550e07e2ccdf11d39850c1d27e897796afc20de7c21d0a0854ce67b7ba58

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:17:39 GMT
server: nginx
etag: "63846093-e8bb"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59579
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Extreme-Pamplona_1432472696.png
vivanews.asia/wp-content/uploads/thumbs/custom/E/ 57 KB
57 KB 373ms
345ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/E/Extreme-Pamplona_1432472696.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

17bfd84b7950ab91dec7b983a55bb24e4417bee3cfb3ec1434a4dd617df9e95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:15:07 GMT
server: nginx
etag: "63845ffb-e22f"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 57903
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 BoBoiBoy-Halilintar-vs-Taufan_1430588526.png
vivanews.asia/wp-content/uploads/thumbs/custom/B/ 23 KB
23 KB 374ms
346ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/B/BoBoiBoy-Halilintar-vs-Taufan_1430588526.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

8a6749df5bda37a8da862387e46cf39313d07ff2dcfa684faefaeb33b9a2ee6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:13:40 GMT
server: nginx
etag: "63845fa4-5b9f"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23455
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 age-of-war-3-1587847090.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/A/ 11 KB
11 KB 374ms
346ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/A/age-of-war-3-1587847090.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

8b8b22b8c1df47f77a24146d9cacf8efa05e5b5016fe6b9075e032ac11488b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:11:43 GMT
server: nginx
etag: "63845f2f-2cbf"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11455
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 death-note-type-game-1609874512.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/D/ 9 KB
9 KB 374ms
346ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/D/death-note-type-game-1609874512.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

0b60d0d8d1c1bcc232106bc6891f433de3370a372b04df6d4c76fd334abeb868

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:09:24 GMT
server: nginx
etag: "63845ea4-23cf"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9167
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 squid-game-pro-1633692889.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 9 KB
9 KB 374ms
347ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/squid-game-pro-1633692889.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

18a62be8995d31496185e6bb49cf98355734f8ecd29d0c87e79164b90fc0d306

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:07:51 GMT
server: nginx
etag: "63845e47-24d7"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9431
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 slope.jpg
vivanews.asia/wp-content/uploads/2022/11/ 23 KB
23 KB 374ms
347ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/slope.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

055acaa4ad04b13215cfd46fad9930e06a98bb333b445da13e90a0ef2ce26f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:30:04 GMT
server: nginx
etag: "638a361c-5b9c"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23452
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Love-Tester_1433792092.png
vivanews.asia/wp-content/uploads/thumbs/custom/L/ 23 KB
23 KB 375ms
348ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/L/Love-Tester_1433792092.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

292f38ab6aa1dc37e03e86f5e97b5949101902fd155abc76ce19f82b96201864

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 07:00:14 GMT
server: nginx
etag: "63845c7e-5b11"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23313
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 garfield-scary-scavenger-1652949366.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/G/ 15 KB
15 KB 376ms
349ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/G/garfield-scary-scavenger-1652949366.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

f9c2bb5c7f8b32755a14d63e0a812911e2286f8aa23c910cc790f0937aacf37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:58:58 GMT
server: nginx
etag: "63845c32-3c79"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15481
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 roblox-online-1647528660.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/R/ 12 KB
13 KB 376ms
349ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/R/roblox-online-1647528660.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

617ff2eb3d5dbbbc37949c4fdf8406e7a8a08990f1b846a8011d614ad2c1f88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:51:17 GMT
server: nginx
etag: "63845a65-3148"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12616
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Run-3.png
vivanews.asia/wp-content/uploads/2022/11/ 33 KB
33 KB 376ms
349ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/2022/11/Run-3.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

b1845327cc9109e7908fbd355c4c27bfa87aebf7915525ab593d13f449695fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 02 Dec 2022 17:28:49 GMT
server: nginx
etag: "638a35d1-8372"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33650
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 subway-surfers-hong-kong-1664719850.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 13 KB
14 KB 376ms
350ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/subway-surfers-hong-kong-1664719850.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

e6229885746123984ffa4249d1036a9fe9cf949d3940fe5815086702b7962afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:45:34 GMT
server: nginx
etag: "6384590e-35b3"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13747
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 drive-mad-1663425416.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/D/ 9 KB
10 KB 376ms
350ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/D/drive-mad-1663425416.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

f7faa4715a7b7e6cb5d09c4f485825d35d963b684c255013b813d9d5a7b1bd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:42:41 GMT
server: nginx
etag: "63845861-2516"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9494
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 the-last-miner-1667388455.png
vivanews.asia/wp-content/uploads/thumbs/custom/T/ 25 KB
25 KB 377ms
351ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/T/the-last-miner-1667388455.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

8c0fcb802476b243779d9398d68f5bbdee60031f2aeb6979817317dae9731a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:40:56 GMT
server: nginx
etag: "638457f8-6472"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25714
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 subway-surfers-marrakech-1667232387.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/ 14 KB
14 KB 377ms
351ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/S/subway-surfers-marrakech-1667232387.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

23d19ebfe50d8795a5e8415ae5a36bf81f00b6525d2de87406dd73448f03a742

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:39:32 GMT
server: nginx
etag: "638457a4-38d5"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14549
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 bubble-guppies-good-hair-day-1585388828.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/ 10 KB
10 KB 377ms
352ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/B/bubble-guppies-good-hair-day-1585388828.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

58c3399ef6051a79ca1061c2369c75dfef8b53f9967755266e40f5a0b974b16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:36:33 GMT
server: nginx
etag: "638456f1-2631"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9777
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 Untitled_1493814440.png
vivanews.asia/wp-content/uploads/thumbs/custom/U/ 63 KB
63 KB 377ms
352ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/U/Untitled_1493814440.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

aa06e9ae7ff4d566ba5b5bb58e5a0d4f6ef3722974f2f72881a247dc88c47087

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:34:09 GMT
server: nginx
etag: "63845661-fae8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64232
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 recoil-1668944481.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/R/ 5 KB
6 KB 378ms
353ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/R/recoil-1668944481.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

06f67df6d5f61a5e5c5993071e2f11e4433439179c5e1072a280c38c341a2484

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 06:32:21 GMT
server: nginx
etag: "638455f5-158e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5518
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 fnf-vs-five-nights-at-freddys-2-1668512291.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 16 KB
16 KB 378ms
353ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fnf-vs-five-nights-at-freddys-2-1668512291.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

c33e04a65b94fbe734a7ab1aa56c60237a72c071ea57a7c41be9d66bc79dc537

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 05:02:52 GMT
server: nginx
etag: "638440fc-3e2c"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15916
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 rainbow-friends-horror-playground-1668175329.png
vivanews.asia/wp-content/uploads/thumbs/custom/R/ 59 KB
60 KB 378ms
354ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/R/rainbow-friends-horror-playground-1668175329.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

54ac5cf40e7dac93d1bca06e700092b9ed760b43bed977769c117a4410e6f8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 05:01:28 GMT
server: nginx
etag: "638440a8-ed46"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60742
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 friday-night-funkin-foned-in-mobile-version-1629885933.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 72 KB
72 KB 378ms
354ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/friday-night-funkin-foned-in-mobile-version-1629885933.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

9a729582bb72af90bca58d2ae31d5bf9bfde790855e37cc178aa8496432a9c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:57:49 GMT
server: nginx
etag: "63843fcd-11fc3"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 73667
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 five-nights-at-freddys-1-1642150967.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/ 73 KB
73 KB 379ms
355ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/F/five-nights-at-freddys-1-1642150967.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

2d88ff141755a1244a45f4c81b8addb815b49eaabf3158d0492bdfc883b88245

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:55:46 GMT
server: nginx
etag: "63843f52-12344"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 74564
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 backyard-junk-1667235131.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/ 9 KB
10 KB 379ms
355ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/B/backyard-junk-1667235131.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

1084ce3b01bdb94f9f33901c0d2ccc07ff6c29b77383ab9d7f035f98e8e418f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:44:30 GMT
server: nginx
etag: "63843cae-2546"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9542
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 om-nom-connect-classic-1669573142-1.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/O/ 9 KB
9 KB 379ms
355ms Image
image/jpeg 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/O/om-nom-connect-classic-1669573142-1.jpg

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

cca76b60cdd1d620eaeecef628b6c5395d23149e8fc8ec9045b884b585eb1dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:32:09 GMT
server: nginx
etag: "638439c9-226c"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8812
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 2048cupcakes-150x150.png
vivanews.asia/wp-content/uploads/thumbs/custom/0-9/ 19 KB
19 KB 379ms
356ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/uploads/thumbs/custom/0-9/2048cupcakes-150x150.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

6bd47176b1c3d762d864aeeb233ca7e793004248449c3843c63657542481a092

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:10:53 GMT
server: nginx
etag: "638434cd-4ae8"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19176
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 jquery.infinitescroll.js Show response
vivanews.asia/wp-content/plugins/infinite-scroll/js/front-end/ 21 KB
12 KB 90ms
90ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-content/plugins/infinite-scroll/js/front-end/jquery.infinitescroll.js?ver=2.6.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:16 GMT
server: nginx
etag: W/"638433b8-528c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 imagesloaded.min.js Show response
vivanews.asia/wp-includes/js/ 5 KB
2 KB 135ms
135ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-15fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 masonry.min.js Show response
vivanews.asia/wp-includes/js/ 24 KB
8 KB 109ms
80ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-5e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 general.js Show response
vivanews.asia/wp-content/themes/kizitheme/js/ 278 B
487 B 109ms
80ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/js/general.js?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

75eadfc4966f8e40d2f5aa4ebc91741a4bec5599e28b04024d38c3dd9c689477

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: W/"638433af-116"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 wp-emoji-release.min.js Show response
vivanews.asia/wp-includes/js/ 18 KB
6 KB 380ms
356ms Script
application/javascript 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Dec 2022 11:05:56 GMT
server: nginx
etag: W/"63888a94-48b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 cursor.png
vivanews.asia/wp-content/themes/kizitheme/images/ 3 KB
3 KB 181ms
158ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/cursor.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

45f01389f53d04bb01a647bdd8c45468ca3cdde76233f519729d9d1ff7a42e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-a58"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2648
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 bg.png
vivanews.asia/wp-content/themes/kizitheme/images/ 574 B
822 B 181ms
158ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/bg.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

b38534408e8ecfce571b2498e509ede194064dca3258fe2fd0d31d685797972d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-23e"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 574
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 dg.png
vivanews.asia/wp-content/themes/kizitheme/images/ 478 B
726 B 181ms
159ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/dg.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

17eebde91d71e72d303e72fc0e868edf07fad12a4b149e0a038b385027521df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-1de"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 478
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 search.png
vivanews.asia/wp-content/themes/kizitheme/images/ 915 B
1 KB 181ms
159ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/search.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

39a1a12523530085e8302e0e3cf71374bfc493b74a36369cb3f6eb640630eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-393"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 915
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 blackspace.png
vivanews.asia/wp-content/themes/kizitheme/images/ 471 B
719 B 182ms
159ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/blackspace.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

9bf5df923c301309cbce4831273710c7ab50e6b2d8ddb275bdfdc924fec29c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-1d7"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 471
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 whitespace.png
vivanews.asia/wp-content/themes/kizitheme/images/ 471 B
719 B 182ms
160ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/whitespace.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

bf4e62ceb823aefcf198a034a491c8e17a432df849f317e36ee3fe02f775dc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-1d7"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 471
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 badges.png
vivanews.asia/wp-content/themes/kizitheme/images/ 4 KB
4 KB 182ms
160ms Image
image/png 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vivanews.asia/wp-content/themes/kizitheme/images/badges.png

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.76.61.vultrusercontent.com

Software

nginx /

Resource Hash

86fcbebfc3beb20cc090c44b05e9ca59400de0ca9fc348171e37216dbdb64fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-f92"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3986
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 95ms
24ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vivanews.asia
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:53:39 GMT
x-content-type-options: nosniff
age: 587771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 22:53:39 GMT

GET
H2 200 iconfont.woff
vivanews.asia/wp-content/themes/kizitheme/font/ 11 KB
11 KB 102ms
80ms Font
application/font-woff 45.76.76.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://vivanews.asia/wp-content/themes/kizitheme/font/iconfont.woff?60403388
Requested by: Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.76.61.vultrusercontent.com
Software: nginx /
Resource Hash: a73c3d5995e2b9438a42cb9b65351b943265fbde78b8b3b581e67d5018a49af0

Request headers

Referer: https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1
Origin: https://vivanews.asia
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
last-modified: Mon, 28 Nov 2022 04:06:07 GMT
server: nginx
etag: "638433af-2ad8"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10968
expires: Thu, 07 Dec 2023 18:09:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 90ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vivanews.asia
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 22:18:31 GMT
x-content-type-options: nosniff
age: 71479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 22:18:31 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Dec 2023 16:33:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
83 B 84ms
40ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c0d1d99e56d40feb850e857a0cc61a76ec8657e9f9fc1e7bae04b42d5da551f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 150ms
46ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 118ms
40ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 76ms
75ms XHR
text/plain 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150185086976909&correlator=856312751643009&eid=31071151%2C31071184%2C31070232%2C21065725&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22844651693%2Cads_a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1665673251&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1670436590354&lmt=1670436590&dlt=1670436589736&idt=576&adxs=315&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvivanews.asia%2F&frm=20&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&ga_vid=1415736191.1670436590&ga_sid=1670436590&ga_hid=1716801575&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bab9fe22edab84e52bf1ed9adaf22e71e28d8963ff743691306f871a3ea119d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9488
x-xss-protection: 0
google-lineitem-id: 6152990858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412446901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vivanews.asia
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DE2 6 KB
3 KB 128ms
40ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:50 GMT
expires: Thu, 07 Dec 2023 18:09:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E0A 6 KB
3 KB 28ms
25ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:50 GMT
expires: Thu, 07 Dec 2023 18:09:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4E0A 24 KB
7 KB 83ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 03:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Dec 2023 03:22:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E0A 143 KB
49 KB 119ms
61ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Requested by

Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01b56a47fe308931676251e54f09978ae3c113933585fb2b718e93d0617a49b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Origin: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
server: cafe
etag: 11602991462876482212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E0A 153 KB
47 KB 113ms
54ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E0A 0
0 82ms
81ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy-5NfxF4rgTxmcGZ9LrPoBnTOnVWPhLYXAU4WxURgXTNo290MQmkv5qxn4ocRgbUp26BmYbmcPYey9dEn0uWo8bdoniY82EVRq6QkapzCajCjukMj6czDQ-BuY2GfC495Cgp_55_gH1R3rkqDbU-IRyKR5pWvWKbvKLznNto3FBoLBGhD-TI6XL_N27i3SXNPdYFiUBCYVY3xLhGxY5uk1uCZOBSz4a-NSHy2moxh-zl1qlkX3_0KjXrOUQsjx7E9iuVEa9GfsNHGp8Y_wHF0OaLKxfXyiPpjOjrKPiiuieCxdkN7e2Dm&sai=AMfl-YSAWwsaWDypw6UvUueiUSgxIoSU_WYifQVNQkPkY_nRob3y997Q5nh193kqhP1quTuGRCQQSe-stJCl-w2Jm_Gl4CDRvuGJVFZ1eLunZoT5aK1S3NLyZjoPfWE1-FOLujQE&sig=Cg0ArKJSzDRdwkx3GWe4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
DATA 200
OK truncated
/ Frame 4E0A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725cec0adb3474254d639c60ce66dcf7787f811dbbc9999afe3b89ffd53d786d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ Frame 4E0A 355 KB
117 KB 119ms
78ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24098ffd52c543cd93401f1b57100d207a92f4f203d3f6de73d9e21db52f6ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119786
x-xss-protection: 0
server: cafe
etag: 2753446575527297894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 18:09:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame A90A 10 KB
5 KB 69ms
20ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:12:26 GMT
etag: 10353107486223812946
expires: Wed, 21 Dec 2022 17:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E0A 0
0 83ms
82ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5DGFe4Sbu2XVka36pZmR7CbXMzgx8HW_yvwgOEZMoXt9Gfh0-5tWRHA4KCz3x3AjA_fRdKYRnAXXcnaHilr6Vg9CDev-kjA7mJa_qnpDrtii2dtgt-2aLdMLRKX9qEzvWRujcbGGrYT1wEcKOwT2YpkAF7LBMVh0Oc4EUv19DEe3FaU2vox70aRoC_lTGRaKYe4B0Ra0sa5hVBgL-sXgRO9dPn6jWR58-WRj2rES31SGhOpubNAMdy0hA715HFy2xLSW8p3eEmHxrSN3ru2svT-1V0TXGSusALiO4KkAq1psHSPTcjmAWgpA&sai=AMfl-YQu0q_pONeqR1-1fr0i8jaxENLFf0BZxccN7M05K6XUH_PJpZAK5PWbuzRTRk6rgQQ5dpDLoywLJEpmhathhQY3IDn5KV_TL462_AtZrAmb0uomZjLWqwDu1hquu6R--yeH&sig=Cg0ArKJSzA_gzVj_ZhErEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 18:09:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 101ms
58ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45a5a7e1516d809fd5f1ce8f72237a8b4148aa46b8b055f22385e30bb6e67a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11288
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ Frame 4E0A 107 B
122 B 80ms
39ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4E0A 107 B
122 B 83ms
41ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2EFF 0
16 B 154ms
113ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=3279755399&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=5&bdt=245&idt=189&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&nras=1&correlator=6802309372592&frm=24&ife=3&pv=2&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t7gpdtdhahyj&fsb=1&dtd=260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E0A 14 KB
11 KB 69ms
51ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86cd172029aaf00d8aaf4b710ae202115e9f60262d0cff5c1c0ec48bc2e7824f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11013
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6782 27 KB
12 KB 1591ms
1560ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b03624a4c39691ace4ea254f4255fea92bc411f9233956cde68916f657cb7412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E0A 17 KB
6 KB 103ms
60ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:09:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 149ms
116ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:09:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D22A 13 KB
5 KB 23ms
20ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 90778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 16:56:53 GMT
expires: Wed, 06 Dec 2023 16:56:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2320 783 B
1 KB 93ms
40ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57366c2247050026db3ded157b31c233bc2d2d58dc363c56014b5fbd33b44704

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pjblW22ZDvbbj5LT2-ZUFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-pjblW22ZDvbbj5LT2-ZUFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:51 GMT
expires: Wed, 07 Dec 2022 18:09:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame D22A 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 22:44:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 913D 13 KB
5 KB 22ms
19ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 90778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 16:56:53 GMT
expires: Wed, 06 Dec 2023 16:56:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F595 783 B
739 B 41ms
40ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3db431c3a9217c58b86c78ef1c9fcf7f44e35d599350e9d027ec28454a7c32e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nRrzfpaHBQG1Aza1s9UnOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nRrzfpaHBQG1Aza1s9UnOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:51 GMT
expires: Wed, 07 Dec 2022 18:09:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2320 0
0 90ms
90ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=4157502748526341&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F595 0
0 80ms
80ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3150185086976909&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame 913D 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 22:44:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D22A 0
10 B 21ms
19ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?K4VPxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 913D 0
10 B 20ms
19ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?blUTwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E0A 42 B
64 B 80ms
79ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXLw1QEivRc6jGU5A_h9Z4DK417TJ0xxbr9qEuFAMlE4-AEkukKyd8nEmPy7LFl_b9zGndt0oxtIip1SdXMFtrxC9ezSNPII74v629rg4pdBtw2JIL&sig=Cg0ArKJSzA1Ncp9gIfjPEAE&id=lidar2&mcvt=1000&p=60,315,310,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1665673251&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670436590487&rpt=522&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E0A 0
0 82ms
81ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=4157502748526341&bg=!pqWlpeHNAAa7eOFIm3g7ACkAdvg8WmILPEpVjq4WKNVPm37TrhcpoMdmxeyCTNND6N-4Shhs_C8IewIAAADSUgAAAARoAQeZAunxZS4eG1ETMQMuginp6mYHgeYdBrFWH8Vfe8QHxOZRA_cIHL0-SjXtIYAK5wn5m9bL6pQ2UmO-OT9eRlhHQaged1LrEsevYeAa3vcLVcQyAsZVoh2t9U19ewcMXTiJzBpJIx6GDQt3g79jkKEhAGjsZBiD8C3DKWIMY6dSNKnW3pFwbq_3PMKToaunlDRxs0FGz75_p4ZUsbUupvGs-ZnIwF2xXkdMempg0yVTFG3CV6ELM4Tw4v9W1nZPZnnHjUJ52B5zuIa6jw3sGQn1LfTLfUrjEiKsA18UuR1QNQlaaiA36cVDL0HRy7MpLUmDdjn44J584qlyLD03y6QXRtwbUUo-h4Rkxe9wC22PKoJ3abRURwnXVHCmab2ZPr4JzjXQipFdoAaov04uxpMLJWz9Ci7zyk3Swo2SmvuzUrkponSvEPEej33rFX8_TQFtovAy6WvZxA0me9x8Bbu4uEhQeaCqBpeFAkXZ1FdTtC3tY4ul7wfAHAg7xUluWdas5qoKrHeVZUeO13nVrxIcuYtiK49wQZAojjfodyScqD_Uz4pXfpiqRNv-0_MGr2MYe5YFC53txHtEtATKU7accxe3nTs0LiB2NBpvHxUCVVNmIrdMGQxf_yDDC7oq06VJ80hzBB3od5Yh2dQVcyPUp0JPLzt_O7FNy6aU4mNerD1BgTjSxqcG8m-h1xpTDdjG7DHUfevoPGH9J3wbwxi7h3Kl06xG_Ddep6PZYkb7vpYifMJcnyAqqv2ElTjQIVxs9ZFv0ME5rRccl63hU8aibrhR-vs9rvlQRluPF_gHRcoX36olzfM9TO17Kx2f3yXGef5rTrHy8gs-Y4POmnAfLBM4WwOjS-NJGLXNbN774wV9yUQDbj6cZphGDKUmSgSLl6W_ck6Bppn-pX1NsZe_CC8m0LhYD02fURIZMYwT3kJ_vp5gouxCYhkdxf220tmYgkKQ1b_4vxbrTIOfiVXDmq6ifjFSa6UtYJLM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
84ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3150185086976909&bg=!BgWlBUHNAAa7eOFIm3g7ACkAdvg8WpP2aCbPLDHHe4x-iIcNO_xUJLYxGzdbgwwHlAOuT0JRdOwWTQIAAACZUgAAAANoAQcKAFCVCPWRuCXzlefbGQlUrUsKtt7QIK3i_gfUm_2iMlo-JD1809PKseWZtl8Dl_UK6gBOB89JCBoVxUK0Ix1bh9ue9ainbIf-I7NiJM3KM2rnNpkCp5UxCG9Rkg7wb65-fFM-8MHQS_vZZUcZ24lCWhb2TzPuwWEyIFKbC9mDXH2D_Mc4pFu5MzG_uPIYBl3NKUQ71-VoJADc08E19Gtmclz6_l32yhXBiLOiuRaDTC4i9s89cP_tUuIfACgZK5r9GrMosN0NmPXCUYzAR6wCBF-ahD-X7dZN3cMbubDz2uGLKxAWC7DXQy1wI2fsg4hLDxEGK-R85e7I0O2BWNaIzUg0rPqamQxEqhaTmLq6r9zWBfnDtNEEV4l3xfyV_4prrIAjlvNdRjP_5smJH1EpTYFP1tldymoVYxkfhidq2jVECj1cAhJ4T2cZHWOPkK1ITZmuZGuUX8UIpE9AWH5z3_WH7rhqM5gZ-WGE3qRGfnZXDpMWw0cdi33-5iJ-HE90o6ArJ0rFS4bMdTR0ofg0JQM3JyIWn3AeIYkeE1IG2_-lBjXOqomPUt37q09p8KxvqiNBrz1hpUKum4_q4f7JL5c0P9aTkwmEX7v_KSESQXRXI_RVXfcwRNwFHXFdl7dF89SE8lGSYWGBwFYoX8KykRUZsui9matBezYeCm5t0yVp9Hc1CQOTu-gnP68iLKW_ALFrMDAxoQkRihytmpWHqDYAuiw6Csyj0Dnz2gMvD9GzwK5dvKMYdxTobbuEdUmeP2cBhkJKKybGuL_KsYi4CjBFzgRcr_TvBg0EOi1L4St4EZ5s9hYpcYmVBBrsSQJQnYA-j7m0bGxJENRsqmLKzM8jtNnrfDtY333ct0sw4v5nejy7w8AP0qfa3MhXZ5R1itdsvmUJ3B8OzP6QJXMrnTevAG-2krph9iJwgyxWNDqctV2xDOiHhcpVsbTgfqOKu8rO3mc_26_ATGh3nUerMQifherOL02QGq_8ghXrsgsIOAOqmjmXDr2vlwY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6782 42 B
63 B 80ms
80ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DloRhXxxakEgIg7LOKWrPslnKW2j_9v024UTpeplkvTxRzacSev43qYpDwL5jXtdX_nYpWXbWlqZmFygdCZkPxpzM0WZ8m3O8OuK03_Ees73HLb-4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6782 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6782 18 KB
7 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:05:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6782 0
0 86ms
42ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZxJ0XdTAQNxzZaLvnzic5NxHb7GcRE0S-242m06Hn1JuJBx7Wj8xsgJ8NeKi3IGR6Ck_yvH_Isc2lYup1zsRztzJdkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6782 153 KB
47 KB 718ms
675ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:09:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 6782 23 KB
9 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:05:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31A7 624 B
242 B 47ms
46ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6782 123 KB
35 KB 93ms
93ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmJAgAp-p4PQ2bEdfrwPzjqhADgmUUVH_oyrTSElvHVpBUGFnxHCFI_EtS1iG2NbZI1UKBNvr9KEzPyhOYmobh7RVx3N1nf5SwY5M0BDmPEuSnsFUnyJnxU0LaFjtT3SahUnqw5HecI3mmClgVUnPasZTKOakhs9Nn4rLfeoTJHSsA9yg&dbm_d=AKAmf-CpRDh2J_mIPa1wUZzCgRKQXT6xME5U_zopcdaEqq0BtTB3TFC5_1TUf93Kw1HJdsSWi1PIUrCtVpebL-LhlNlXtA5R4mCy1SOCIp8tUJtciKTz1Fokdu_ja5wCdF2HMrBhmtJv8IIuwhdYamdOyFDC9_E8Fi068SSMDx094o5ZwBKzEtyla209Jz3zjt7jU4pdr9BXE-8sprw7UlAla6rPg1W1aZr2YtyPhoSLrlOtvCbM58-u5Hxqa2KkXgXnKsS4uZicHsRJSTN5hlksuw8VhNUgFzRdGe6Bc5842CFwgLls8GCnVsvQ7gaeeULkbF3zwwEtDCF6dMC3x1rJ39lJvf7EBYChi8c6QNmTYXQv7iWc3pUp8N9jbVZX12ADxq-Rc6OZVkgOAt4_fZEXaP3HQSrEOFP3W6a-pkqrQalDLS3oeVryg3lWIFhsm9SHhCWP9yx1as-fPt4AbWcQ0vuyVUA-NTE61cHuIfAA4TGzHFw4aLsG7GVqdSnhuBEgkx7hUhtXmy1P3-wCP8u-4yCut4G_cul9dms8KVm52jX7cX75INlcmJ3oWombsEB_hb9EWczoJR30Vex3TDtimxl3sTQFTzwtuIZM-admikEQy3OSWiD4C11MLp5UUGR5Giquj6IlE2oAep3UGyXOo4B3Szh77gg9kbYzJ9rmPQHxXT5WLgttmLP5H1PHY_CxyPV5noi1GaYR-SQEerG0pd1EL4RM-c6-3HTbfcTGems1iGslo7YC4FsRzf0LMCp9Q3qfHQVyIlxnbvZ3nemEzbci-Q7skBK1_u6bLmzDjElVOGca2Bk899yLoxA_YwNUwxzzmAHRdP_cxezt7zJ7ZsBFjTDobx3iMCJFMFN74A48ozz4GeoUjvwlFaJYY4FPQFGsuKz5WZEwK1rwP7_P1ZoBBSufBjeebiDmgrBS592CHu7EmFEhyP9O1PejF4tX1hYdKHzSksNPreXTBZU8AaadUiPa_mvX2U7ay0fpYdJn68h16F4KR3BMiAh06ZJuEFyHyEeIJVP3l65uwwuXpamHCAWRgS8YNpShmfAubkuDlHLNAsqnM3uO3XVxCVDqnfj7Ksnx5u4NeIrxEZh121VzvRLukgwZ-F1Lam8m3nm3SvBzcT2abMxU0wKG45mJEDxfHrNVAKL7rRS9mWQJFX8I9g_QDFfx1gp6zoaNJ06kK3yYJPTp-MjdHz7NAeznm4B2I0E9LUUBYH72WQ1zyyrDuKC0w7g-0anSlZ1o6LxmHcfmNJPnMJCGwrEW1SuwVO-RusXfie-FzVWeKga59kDxQ-ZtcVeyAN3s9-HMgkuHbXShMMWjpvL3lcpmPtdlXakShFbUhwpRHHyb8YcV0FzGN7zGCGJz8b_1MKPHUzTQo9e0ocLThzzhovUedMsncB4ePX_SIYyWNh-e4-UogzYsyxNAiaaLMSkAgQbN2Qfc6KSZIw0B8mNMyo_3FoJiq_6Ck5ogvTO1NNzSUOX-QV3dF7weBtaVuc9OjBML0_I_Pe_LFCpsL0E24xnNg4iSyUb23PXEa5-Ta_d1RON1k9Z59Y9ecZ2G0U-gK2FZ_bVPC68m8VdDe2b0lUNnRCugIy1dhAJiMW-73tQLdpJH8ZnHtXobkY1Uk0FiLnXCmKydOlAWKe9erbj5hoK3L57QOD9bH33xM_k4fV6rquCqnUIj6Wrd_uEGZRHMzDGdEEf4w2eTp4Ue3h40W2DOt6mTReJWiG36fLYIHNVIF_GIqksAjVtcdzufQ0aQPOx1MseGpEkGCKzOJUnPjx2sTXNJcN77Dv818F6jCP-LN_NFMlSAXNrM5UWqVg8wIi2QwIK3zWK0q-2gEA-FKMgauME0LhIW_ERcbnNUcyuxOZDr5UC7ZyGy_qAgfqa0ZfiAyfB5WJTFOA3fPvInwru17xY_yOgCFG5bpWtQmd_FOdXcSWqAItsC5_No0PUfuBxqEbZCsY7Tnq9VpDOkoYiUgTOcnzurHujhN7W-4SJJkJ6BffwxjvEBzaJwO_wgLBRKQn-NWdOUHqDGoPP9FPvMICGqtogXIHbIP0AdDaoLXQ0t04t0t_lyjTbYvCsvB0_aCak-MUfg4GEj6_bORfCXKQlwXzyMKZT_CuSi3eem_eAFBCo3iK29XaHSI389pUcergIgNN6oMXy98OVwDV8QkZE24MrPMJENXtQ2TB7u8FgnELPs-ufS1peRDMWFGZRqrKODSegjkNMTwtfrP_ImGSBZ1etuCS-Is6Wx4d2LJPIZqW-bxiJKWHetQbVf5kC_a8YagZ_l2Q1m5Y5bOW_yUBmdxi1j-kFeV1_-3V0PiM1rn7ambWhVU5ZztTjPi8XmpMLhLHUXqfctfFTl09O-5pU8FcXhcRiqY5pjdvuP36AZ3OSGsI_HMtPMGLFi8iDWuuy-SFtiR3hkIa73kJOJguxw3JgghViRMNQjSPU1DyVuxnn42pZbddtVOrO-gzHtg1K8kfhv9aO_-NRQJcayU1ui1OJyGZJ_UZClknF7xUswjPIAEqnzkiD0mu9tLHrJEEGkyKRae0C0yGu9rceez9lK4BZR89BMN-s18PkpS7fFOwL6Ij2CZLaSYl5E-8zALstsc2S9psQTeKYeDZVOEeMAwSjjkx_GXwxXgFEUJDxxKN-4JFFWIco7dqu0cyMq1wJRTvy_JbSdP9evMfRhcGYwWqMWuZeqygHRqeTZWYAXl1FMHepAVLvYdywkmPMaDSLFQhdossgIR-f1O9Y1Oq6E6x2a5yeCKiNKtUxyk8yp2hdUyX3923LUEXEjAHG2zHL26cGzFJTPLuSLftuhFJJIYYNz8MTWqfVlZhE_LRMq0z-5INYv80CdRylcDb3tTxk9qSp1oKdNmH1sGWD_bRJTmQVQLLPgjXdsdTfSTR2EIcIFXqhtEpv2OrusDOGGtVTXK_x29WN-QhO_-X4LAwuyoOvzWhhTnmFy6oyP5rw3rGSTZPCo1kxRsxE2RgmrrvAezhtWYN2rC6Wvdbf7hKBh1rCQ26VGH4HHBt02iqAyHAkMJgQiZBIl1nLWyvgXWvEenKwXupSpiSn6XlU-9DUUcwBIzM-4p_LtD-LJifb2wFbZQv7Z7cy1LALE6Tb2s1UC1D3Y-9LtV-AJiHmo1s82E_wCk5saVjYHyBJm6Uv7XE6v8GBCMSIwaWjRLjDHmldou0ugsQbBSmW0kNPEDifIBLuT3NaPELJ38ZiqufACRWN9K2xtm980h6J1y0_lWV7jdEklDu4&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&rfl=2%2Chttps%253A%252F%252Fvivanews.asia%242%2Chttps%253A%252F%252F5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92e7b397cdc4be8a86f2b4410316bc67fdf345c4d4282a433e4ba990eae3b749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 31A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1

43 B
766 B

25ms
21ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 18:09:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 18:09:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 31A7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5DW8LNfJW9dzBIaockglwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1

43 B
894 B

23ms
23ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 18:09:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 31A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1

43 B
1018 B

63ms
50ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ

Protocol

HTTP/1.1

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 18:09:52 GMT
AN-X-Request-Uuid: 131ec01c-5cfc-442d-aa64-86012ae6932d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31A7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D

170 B
188 B

92ms
37ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 18:09:52 GMT
AN-X-Request-Uuid: cd8556f3-1c02-452d-8039-cc534174c95c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6782 170 KB
59 KB 97ms
23ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 20:20:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 6782 8 KB
3 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmJAgAp-p4PQ2bEdfrwPzjqhADgmUUVH_oyrTSElvHVpBUGFnxHCFI_EtS1iG2NbZI1UKBNvr9KEzPyhOYmobh7RVx3N1nf5SwY5M0BDmPEuSnsFUnyJnxU0LaFjtT3SahUnqw5HecI3mmClgVUnPasZTKOakhs9Nn4rLfeoTJHSsA9yg&dbm_d=AKAmf-CpRDh2J_mIPa1wUZzCgRKQXT6xME5U_zopcdaEqq0BtTB3TFC5_1TUf93Kw1HJdsSWi1PIUrCtVpebL-LhlNlXtA5R4mCy1SOCIp8tUJtciKTz1Fokdu_ja5wCdF2HMrBhmtJv8IIuwhdYamdOyFDC9_E8Fi068SSMDx094o5ZwBKzEtyla209Jz3zjt7jU4pdr9BXE-8sprw7UlAla6rPg1W1aZr2YtyPhoSLrlOtvCbM58-u5Hxqa2KkXgXnKsS4uZicHsRJSTN5hlksuw8VhNUgFzRdGe6Bc5842CFwgLls8GCnVsvQ7gaeeULkbF3zwwEtDCF6dMC3x1rJ39lJvf7EBYChi8c6QNmTYXQv7iWc3pUp8N9jbVZX12ADxq-Rc6OZVkgOAt4_fZEXaP3HQSrEOFP3W6a-pkqrQalDLS3oeVryg3lWIFhsm9SHhCWP9yx1as-fPt4AbWcQ0vuyVUA-NTE61cHuIfAA4TGzHFw4aLsG7GVqdSnhuBEgkx7hUhtXmy1P3-wCP8u-4yCut4G_cul9dms8KVm52jX7cX75INlcmJ3oWombsEB_hb9EWczoJR30Vex3TDtimxl3sTQFTzwtuIZM-admikEQy3OSWiD4C11MLp5UUGR5Giquj6IlE2oAep3UGyXOo4B3Szh77gg9kbYzJ9rmPQHxXT5WLgttmLP5H1PHY_CxyPV5noi1GaYR-SQEerG0pd1EL4RM-c6-3HTbfcTGems1iGslo7YC4FsRzf0LMCp9Q3qfHQVyIlxnbvZ3nemEzbci-Q7skBK1_u6bLmzDjElVOGca2Bk899yLoxA_YwNUwxzzmAHRdP_cxezt7zJ7ZsBFjTDobx3iMCJFMFN74A48ozz4GeoUjvwlFaJYY4FPQFGsuKz5WZEwK1rwP7_P1ZoBBSufBjeebiDmgrBS592CHu7EmFEhyP9O1PejF4tX1hYdKHzSksNPreXTBZU8AaadUiPa_mvX2U7ay0fpYdJn68h16F4KR3BMiAh06ZJuEFyHyEeIJVP3l65uwwuXpamHCAWRgS8YNpShmfAubkuDlHLNAsqnM3uO3XVxCVDqnfj7Ksnx5u4NeIrxEZh121VzvRLukgwZ-F1Lam8m3nm3SvBzcT2abMxU0wKG45mJEDxfHrNVAKL7rRS9mWQJFX8I9g_QDFfx1gp6zoaNJ06kK3yYJPTp-MjdHz7NAeznm4B2I0E9LUUBYH72WQ1zyyrDuKC0w7g-0anSlZ1o6LxmHcfmNJPnMJCGwrEW1SuwVO-RusXfie-FzVWeKga59kDxQ-ZtcVeyAN3s9-HMgkuHbXShMMWjpvL3lcpmPtdlXakShFbUhwpRHHyb8YcV0FzGN7zGCGJz8b_1MKPHUzTQo9e0ocLThzzhovUedMsncB4ePX_SIYyWNh-e4-UogzYsyxNAiaaLMSkAgQbN2Qfc6KSZIw0B8mNMyo_3FoJiq_6Ck5ogvTO1NNzSUOX-QV3dF7weBtaVuc9OjBML0_I_Pe_LFCpsL0E24xnNg4iSyUb23PXEa5-Ta_d1RON1k9Z59Y9ecZ2G0U-gK2FZ_bVPC68m8VdDe2b0lUNnRCugIy1dhAJiMW-73tQLdpJH8ZnHtXobkY1Uk0FiLnXCmKydOlAWKe9erbj5hoK3L57QOD9bH33xM_k4fV6rquCqnUIj6Wrd_uEGZRHMzDGdEEf4w2eTp4Ue3h40W2DOt6mTReJWiG36fLYIHNVIF_GIqksAjVtcdzufQ0aQPOx1MseGpEkGCKzOJUnPjx2sTXNJcN77Dv818F6jCP-LN_NFMlSAXNrM5UWqVg8wIi2QwIK3zWK0q-2gEA-FKMgauME0LhIW_ERcbnNUcyuxOZDr5UC7ZyGy_qAgfqa0ZfiAyfB5WJTFOA3fPvInwru17xY_yOgCFG5bpWtQmd_FOdXcSWqAItsC5_No0PUfuBxqEbZCsY7Tnq9VpDOkoYiUgTOcnzurHujhN7W-4SJJkJ6BffwxjvEBzaJwO_wgLBRKQn-NWdOUHqDGoPP9FPvMICGqtogXIHbIP0AdDaoLXQ0t04t0t_lyjTbYvCsvB0_aCak-MUfg4GEj6_bORfCXKQlwXzyMKZT_CuSi3eem_eAFBCo3iK29XaHSI389pUcergIgNN6oMXy98OVwDV8QkZE24MrPMJENXtQ2TB7u8FgnELPs-ufS1peRDMWFGZRqrKODSegjkNMTwtfrP_ImGSBZ1etuCS-Is6Wx4d2LJPIZqW-bxiJKWHetQbVf5kC_a8YagZ_l2Q1m5Y5bOW_yUBmdxi1j-kFeV1_-3V0PiM1rn7ambWhVU5ZztTjPi8XmpMLhLHUXqfctfFTl09O-5pU8FcXhcRiqY5pjdvuP36AZ3OSGsI_HMtPMGLFi8iDWuuy-SFtiR3hkIa73kJOJguxw3JgghViRMNQjSPU1DyVuxnn42pZbddtVOrO-gzHtg1K8kfhv9aO_-NRQJcayU1ui1OJyGZJ_UZClknF7xUswjPIAEqnzkiD0mu9tLHrJEEGkyKRae0C0yGu9rceez9lK4BZR89BMN-s18PkpS7fFOwL6Ij2CZLaSYl5E-8zALstsc2S9psQTeKYeDZVOEeMAwSjjkx_GXwxXgFEUJDxxKN-4JFFWIco7dqu0cyMq1wJRTvy_JbSdP9evMfRhcGYwWqMWuZeqygHRqeTZWYAXl1FMHepAVLvYdywkmPMaDSLFQhdossgIR-f1O9Y1Oq6E6x2a5yeCKiNKtUxyk8yp2hdUyX3923LUEXEjAHG2zHL26cGzFJTPLuSLftuhFJJIYYNz8MTWqfVlZhE_LRMq0z-5INYv80CdRylcDb3tTxk9qSp1oKdNmH1sGWD_bRJTmQVQLLPgjXdsdTfSTR2EIcIFXqhtEpv2OrusDOGGtVTXK_x29WN-QhO_-X4LAwuyoOvzWhhTnmFy6oyP5rw3rGSTZPCo1kxRsxE2RgmrrvAezhtWYN2rC6Wvdbf7hKBh1rCQ26VGH4HHBt02iqAyHAkMJgQiZBIl1nLWyvgXWvEenKwXupSpiSn6XlU-9DUUcwBIzM-4p_LtD-LJifb2wFbZQv7Z7cy1LALE6Tb2s1UC1D3Y-9LtV-AJiHmo1s82E_wCk5saVjYHyBJm6Uv7XE6v8GBCMSIwaWjRLjDHmldou0ugsQbBSmW0kNPEDifIBLuT3NaPELJ38ZiqufACRWN9K2xtm980h6J1y0_lWV7jdEklDu4&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&rfl=2%2Chttps%253A%252F%252Fvivanews.asia%242%2Chttps%253A%252F%252F5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 18:07:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 6782 30 KB
11 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 18:07:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6782 41 KB
15 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 05:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 05:44:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B0EA 1 KB
643 B 22ms
21ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 81185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 19:36:47 GMT
etag: 48472445140208031
expires: Wed, 07 Dec 2022 19:36:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6782 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeab465952d969dc17e27078f7dfc23f12cb3c36c1031789bf82857898577de5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BCBD 22 KB
8 KB 25ms
24ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 131117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:44:35 GMT
expires: Wed, 06 Dec 2023 05:44:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame B0EA 35 B
464 B 103ms
30ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGJCvC1YXfRczNkCYL_pE84&google_cver=1&google_push=ASkJ3Fb2lDkoG0ShQQPu1BnlvGgcmBoL0pvgsj46DgrBL7SZaT2eYHG_ehX7oAKw53U-eryhgr8qDDRlXYM8q0TtWAq_0WgQtV8iTLFpJsGtZ0PDU6YfScFJA40jmdJEkLVJXXcDuZ_jiexSe8b29yNWkHo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfX...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgW...

170 B
188 B

40ms
37ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Wed, 07 Dec 2022 18:09:54 GMT
last-modified: Tue, 11 Oct 2022 18:05:06 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKH5IA4HJ-TWAmMex8ODvqI&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz3...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb2...

170 B
188 B

41ms
41ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:52 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

37ms
36ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY
date: Wed, 07 Dec 2022 18:09:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZp750k3nqcrr6Eykq7GnE&google_cver=1&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtw...

170 B
188 B

36ms
36ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8...

170 B
188 B

37ms
37ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRl8kGuS0rZov4j0sWZfyQnEMU7eEJNHanM%2BDvB2BlT6zO5h95bxedW4ZaMvoEKyTZWY0kR%2FhjAhTRM7VSHvB9BW4psu67kSxZGVbpEs5OgzAf4QsjVbDP66MpEK5vvFz3icaE%2Fa5RMZTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ
cache-control: no-cache
cf-ray: 775f3701fee2a22e-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKdV8SNYM2GnFvEKJ7frtGE&google_cver=1&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUm...

170 B
188 B

37ms
36ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef
date: Wed, 07 Dec 2022 18:09:52 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B0EA 0
12 B 38ms
34ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkLrvXxUoDLkW01o-p5nq5a8rJm1EhJtG54dAA_TlDG1S_q_16x0-xzgiQgEl7yRJLcWnn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame BCBD 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 22:44:33 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 9 KB
2 KB 85ms
36ms Document
text/html 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79a0223f276a3bb23bb58d650e44594b39e0ba0d79581ce6385e478ef43d2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1659
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 18:09:53 GMT
expires: Thu, 07 Dec 2023 18:09:53 GMT
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6782 0
0 123ms
59ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstd5gF1gmXlRf8ysvxZwxjGvQsCzT9pfQzXtnf0q687AhzHv1biU57fFO8QNSfhYJ8DKynWcQjheWcF2QnRKQB2SjGMk4oVX3-txlmyNKhWdXpkxczIDi9OtPBznAxuquprthP3gEYi5q3a4uq1Oi0UYnt6Qc8a1mXC0uqRpy13C5goR0fPct3lW6KWtSmNVg4ip0VOBmyB4m_6iHMupTQMwHpL4cY2XR05GDSNswft5L-YN-c_isrgHw9uGjjn71VNopux5-FVyOHnEdEJsCK-1OEYCTuZV9F8k0BDJTKi_m6pI_AVmf8I_56jPkJU3QV9th7RAl7x4npGxLCF4LTmXEfi7hVuFQnRf5zY28kuabuBrs9ZBpTjMmsH_-CIFzSYwy3QLjMt1Nyc5HE3RqWhKT5kVRvOW11ZHyelK7YfTU4dc2I5guCGOi_f-q0piPmUNfaTupMwNFcUMekdajgK0pH1i7_GKH-HSfp3b_ywJXKWk3QJYccC8A8LolbQe7mQ8edVCAMY1-Lerby9CIbAXS0hjI7VhJIH5WWFoDB2CZysZmdHBd947CIKEqbEVUM-6o2vuCtfqzrpaoSBpl8JBtw2Kg8FXNrA7Qzdpfkky7LHC4F14J6bhefbFTTm_zkeUFCQBXp8lfS5IRIXtgLHLFJ6f18Hwg-ODga9Ert8BuewGdQawQq68IdxqDd_kb9rTDsiO-Rh2eHYMwLrIVwE1z3dg1lwj2e0V1O_VGc-BZPWcY0hOYR3IN92__ODXIZm_tSL8AZAnl_J3TZsbl3h6Z--RX5AiZ2T8Z0Q6fcRw_YH0vIbcM3oa1HjrnVPQjOuGJkbIafGwveq9c9n4tV97X4Ch3sBWz_Gk93Q2k39Pa9OfYSqBNaf8UB9fWP3O9Bl7bmLwI9kp0rJYVSVFv_WzcztOxllTh1O-zOgKIRrLcXuKzHKpytMrHImtR61iwPuIMZZcd8XKHolbgOEOWs1qTOBJjvFWuBf26guN47XDWne7HCuXvabbl9kqL5IJn2ywxIyVk8QWnNWv8j2KONq89aUOCmpQIIpx6cYbzVMmU1fLX-HPnpWKBapbC3E_N_xTgRATEYHhuU7R0Rwb4xlFxD8F1V4jGQZdhS5bR6oSkJVc_2QfgiBjQaWpP_GCUsD03zHENr0QINXtjXFGNrX3P2WIzmGu6tef_8LOqfafqA5ss9iBNI49hLw_ExNh3CoYYhgh9oRJA&sai=AMfl-YSYIu-RYvT7xzDQBj1YhxHkh3qrJSLICeLwnWxxPsoSYMFQGt8K1uwA9m41qVnB556VGF2nSgZ3-j3vmmVdeMMs2-ouS1PvbMHSOM6OLiu1SqvIhEIk_eDHdHivKnfLiNqFnxE8dvsIOfT2m7wej5NXqh5CR_qfO3to3WIu1g_FY0DYFw6b5cwZzvvj8PPKuZXg6XeU93zHStDzd3E&sig=Cg0ArKJSzOr4x3byPYQKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=148&cisv=r20221206.03354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 18:09:53 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6470 118 KB
40 KB 23ms
23ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 20:20:50 GMT

GET
H3 200 gsap_3.8.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6470 62 KB
25 KB 50ms
50ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.8.0_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25068
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 20:06:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 18:09:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCBD 0
20 B 86ms
85ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPJin8NaQY-eKK5G__gS6wYmQCAAAAAA4AeAEAg&bg=!jo2ljcnNAAa7eOFIm3g7ACkAdvg8Woli722SHWHCIMNavulYDNF6DsF8AnkPSQjELJxXL0v5S7ejIAIAAABqUgAAAANoAQeZAwxOQ3yG2EKgFc6qhFP6ZeiqDOPkPNcx7OA2XdlAu36HADLHbHKlIHS0-SYcDjUGo1ophHSzrVOs8zBbVELN5T97-UMFjEf9p3_oJ2eaqupVDwU2C_X_tQgBMQDj4l01UtaOK0WUOYRpLR_Zz649cHr38sFSfZWHbXqZYAbBVxToMxKoFuNG7vvSPh9OguJWy0bAnVQoZnXW3AW1bwpuCSsgN-70id7croAI_FcXCYbvRUE71FSpbdlhGapptFEszmNKW591jmooxCCDW8vyg_7q3V17R_nwAp-E-68c_xHYY9K9Tab-CE7Ial3BnW8fkHMttS3oX4kgbWDkGz5J0oa-oCSJTZAjk13UFajLtir5QJfXqDetpMRXgfQK-ydLYhtaB4j8SfqktNLOuD6VJBCfiI9y4GnmPw2xTHhSJyZm_wLCTJm1dLsePZZ65Dj2HDr5ZqrwT4N1h8yNJkQdUeiygMFpuL2h07CvtK46dQb-t12pi6duGSqIqQWMnYu7sanHeiXtN5seANQEjnxyxO6YFB5kAsq8hTGIMHIucAY7nKdiqe00Xf4tXk8s4ghWQoJpPFNl0c2xSx3h3CLk0EIccfpRupE5KNvWtvFBgsXnMoc6qY1bwgslNrmkNgv_AwZeC42fJNE2ht2KdsC2qI2KvYbWrrps8jZh_NtkDpO0SwDnK7fmnIREsrSIjvfjxXVNSEb2HiPeaIn7DYxTLag3l8loah1rGc50rSwrHUaNTa99OyKjAyKPl3Q-iGCsA7f4Kfn0flcc-cMnWfIcC4DTnEZgq7x4j4gFiNbwxhKKrCDY_eE3DO6qD5fKvI623PR_JTX5qRZ9bMCWU2VHEIvaSSN6E1ZkgJrQMllBE2au-cwoNI3a08QmYwOO9M1PuAFcGWF_ATNvXE4DvPKEyQbipFaomFKiTtEdD7gtzCqCautaQinIw4tvlTUG9mbaP7GaQJAB87CsTUYOyAMhl6fM62wWbMfSad_HOw6BJsPXMGsPRYrXFrccqDrPu39QDejb8sqdA5ONLe3H0ec

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6782 0
0 85ms
43ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstd5gF1gmXlRf8ysvxZwxjGvQsCzT9pfQzXtnf0q687AhzHv1biU57fFO8QNSfhYJ8DKynWcQjheWcF2QnRKQB2SjGMk4oVX3-txlmyNKhWdXpkxczIDi9OtPBznAxuquprthP3gEYi5q3a4uq1Oi0UYnt6Qc8a1mXC0uqRpy13C5goR0fPct3lW6KWtSmNVg4ip0VOBmyB4m_6iHMupTQMwHpL4cY2XR05GDSNswft5L-YN-c_isrgHw9uGjjn71VNopux5-FVyOHnEdEJsCK-1OEYCTuZV9F8k0BDJTKi_m6pI_AVmf8I_56jPkJU3QV9th7RAl7x4npGxLCF4LTmXEfi7hVuFQnRf5zY28kuabuBrs9ZBpTjMmsH_-CIFzSYwy3QLjMt1Nyc5HE3RqWhKT5kVRvOW11ZHyelK7YfTU4dc2I5guCGOi_f-q0piPmUNfaTupMwNFcUMekdajgK0pH1i7_GKH-HSfp3b_ywJXKWk3QJYccC8A8LolbQe7mQ8edVCAMY1-Lerby9CIbAXS0hjI7VhJIH5WWFoDB2CZysZmdHBd947CIKEqbEVUM-6o2vuCtfqzrpaoSBpl8JBtw2Kg8FXNrA7Qzdpfkky7LHC4F14J6bhefbFTTm_zkeUFCQBXp8lfS5IRIXtgLHLFJ6f18Hwg-ODga9Ert8BuewGdQawQq68IdxqDd_kb9rTDsiO-Rh2eHYMwLrIVwE1z3dg1lwj2e0V1O_VGc-BZPWcY0hOYR3IN92__ODXIZm_tSL8AZAnl_J3TZsbl3h6Z--RX5AiZ2T8Z0Q6fcRw_YH0vIbcM3oa1HjrnVPQjOuGJkbIafGwveq9c9n4tV97X4Ch3sBWz_Gk93Q2k39Pa9OfYSqBNaf8UB9fWP3O9Bl7bmLwI9kp0rJYVSVFv_WzcztOxllTh1O-zOgKIRrLcXuKzHKpytMrHImtR61iwPuIMZZcd8XKHolbgOEOWs1qTOBJjvFWuBf26guN47XDWne7HCuXvabbl9kqL5IJn2ywxIyVk8QWnNWv8j2KONq89aUOCmpQIIpx6cYbzVMmU1fLX-HPnpWKBapbC3E_N_xTgRATEYHhuU7R0Rwb4xlFxD8F1V4jGQZdhS5bR6oSkJVc_2QfgiBjQaWpP_GCUsD03zHENr0QINXtjXFGNrX3P2WIzmGu6tef_8LOqfafqA5ss9iBNI49hLw_ExNh3CoYYhgh9oRJA&sai=AMfl-YSYIu-RYvT7xzDQBj1YhxHkh3qrJSLICeLwnWxxPsoSYMFQGt8K1uwA9m41qVnB556VGF2nSgZ3-j3vmmVdeMMs2-ouS1PvbMHSOM6OLiu1SqvIhEIk_eDHdHivKnfLiNqFnxE8dvsIOfT2m7wej5NXqh5CR_qfO3to3WIu1g_FY0DYFw6b5cwZzvvj8PPKuZXg6XeU93zHStDzd3E&sig=Cg0ArKJSzOr4x3byPYQKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&vt=11&dtpt=160&dett=3&cstd=148&cisv=r20221206.03354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 18:09:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6470 7 KB
5 KB 48ms
47ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40af0a250ffcc0f5f47cef6ed0cf5f6aae0588fec00c86206da151bf5baaedcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5499
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6470 17 KB
6 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:09:53 GMT

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame F8DA 36 KB
16 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 22:44:33 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 2 KB
737 B 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89041b78fae7a243a68f283ccf0c828aa64d89d6113d07e06e3807f3ce858724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 06:12:07 GMT

GET
H3 200 controller.js Show response
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 7 KB
1 KB 22ms
21ms Script
application/x-javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/controller.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf26fb7fe67d69ec053c454e57f13dec947dddaaf5a14a825ef0858c10a36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1437
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 06:12:07 GMT

GET
H3 200 feed.js Show response
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 50 KB
3 KB 23ms
23ms Script
application/x-javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/feed.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab938252d4d37310270a646622da9d766bcab60ed9678fbccd97a93f3972155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3044
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 07:05:01 GMT

GET
H3 200 60005477_20221121134335669_background001.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 191 KB
191 KB 23ms
23ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134335669_background001.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e8cef99a1686a44b315f1fbecae1e706f8a44e68746251ee09f95a6f87e4653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:12:03 GMT
x-content-type-options: nosniff
age: 39470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195889
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 07:12:03 GMT

GET
H3 200 60005477_20181022102532839_blank.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 977 B
1003 B 57ms
56ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20181022102532839_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d0d219dffc1e5f4e40e4562c48642d5038c73f6254b298c97676757046ddb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:26:49 GMT
x-content-type-options: nosniff
age: 81784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 977
x-xss-protection: 0
last-modified: Mon, 22 Oct 2018 17:25:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 19:26:49 GMT

GET
H3 200 60005477_20220318221944290_LogoWhite.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 3 KB
3 KB 56ms
55ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220318221944290_LogoWhite.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:48:29 GMT
x-content-type-options: nosniff
age: 62484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3082
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 05:19:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 00:48:29 GMT

GET
H3 200 60005477_20221121134339768_background002.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 106 KB
106 KB 60ms
59ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134339768_background002.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5321be6475b2b544941b66931eed2e7c440ca7c9b92fd2ce7f6266097734c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options: nosniff
age: 39068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108314
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:43:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 07:18:45 GMT

GET
H3 200 60005477_20221121134343631_background003.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 154 KB
154 KB 62ms
61ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134343631_background003.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e72112a6051ae770208c65845e6fd9ceea7c08776af855f3d47e3c174dda73f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options: nosniff
age: 39068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157532
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:43:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 07:18:45 GMT

GET
H3 200 60005477_20221121134347718_background004.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 262 KB
262 KB 57ms
56ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134347718_background004.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9af6c028f56887ee6c15f5a3e6ac18a934e76e22dfe77fdec66f4331cc9d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options: nosniff
age: 39068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268329
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:43:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 07:18:45 GMT

GET
H3 200 60005477_20221121135655352_overlay005.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470 38 KB
38 KB 66ms
65ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121135655352_overlay005.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

715045f3b9b5ad877852791610123019447efe2b8900139bb9ab763d18a4f2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 05:20:32 GMT
x-content-type-options: nosniff
age: 46161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38936
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:56:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 05:20:32 GMT

GET
H3 200 HyundaiSansText-Regular.woff2
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 54 KB
54 KB 28ms
27ms Font
font/woff2 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/HyundaiSansText-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 06:12:08 GMT
x-content-type-options: nosniff
age: 43065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55536
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 06:12:08 GMT

GET
H3 200 HyundaiSansHead-Medium.woff2
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470 53 KB
53 KB 24ms
23ms Font
font/woff2 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18167346992714350592/HyundaiSansHead-Medium.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 06:12:08 GMT
x-content-type-options: nosniff
age: 43065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54212
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 02:18:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 06:12:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6782 42 B
64 B 89ms
89ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNDUkD_aHvKOptEjVB9u_-coO2FPsn__pWA-XlPIVeclqabc8D2fkrvW8OcINZ_-p8f8g3Hl0Wt0wNedULYOssZ1itDuWJp1v14wMaui9Q2Ysz8jWB-MlyVYS5-ttEWUkYGUc&sai=AMfl-YR_jM6MlDL4eUR66VQqbh9ZU4zHhrYYZK2tysQhg_05_cU1x8iQgZRAkdnT97wq2QlJmcGSWieaXpmyX284y8Zx7zTfE1MJQ9kYVg&sig=Cg0ArKJSzLzW3AMpU9BoEAE&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1207888702&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670436591052&rpt=2381&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 18:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vivanews.asia/	1969-12-31 23:59:59	Name: PHPSESSID Value: ehik80boqdoj4kvda7ck4oqma9
.vivanews.asia/	1970-01-20 17:22:12	Name: __gads Value: ID=3922dd0b94922559-2292ff71647f00d4:T=1670436590:S=ALNI_MZXaYgKY3then3Mgl3FvaOcsiyz5g
.vivanews.asia/	1970-01-20 17:22:12	Name: __gpi Value: UID=000009db1e7d505b:T=1670436590:RT=1670436590:S=ALNI_MZO6Ee7vTLz1zw3bbpdkgT05NGI1Q
.doubleclick.net/	1970-01-20 17:36:36	Name: IDE Value: AHWqTUl3uXPSNNU8N4iiP-ZbRcx-ukCQCuUjPSRJ9mNGLvJtgiLINf3C0nnT3JQfGw8
.adnxs.com/	1970-01-20 10:10:12	Name: uuid2 Value: 7167894834436488578
.casalemedia.com/	1970-01-20 10:10:12	Name: CMPS Value: 3660
.casalemedia.com/	1970-01-20 10:10:12	Name: CMPRO Value: 3660
.adnxs.com/	1970-01-20 10:10:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1K5$g8!@wnfH8K6pQK`!5=E<L5?%M5.O0iM7Aw6K/vU2NdKSGi`E>.L9O$h<dkSLYbpRzqF1`b`1r*9<Jv
.pubmatic.com/	1970-01-20 08:02:02	Name: KTPCACOOKIE Value: YES
.mookie1.com/	1970-01-20 17:29:24	Name: id Value: 10598306933165630395
.mookie1.com/	1970-01-20 17:29:24	Name: mdata Value: 1\|10598306933165630395\|1670436592953
.mookie1.com/	1970-01-20 17:29:24	Name: ov Value: db6c3971aea4fdec4df759ee35724b8b
.adingo.jp/	1970-01-20 08:43:48	Name: ID Value: 81eab9a700dfa206c92cade84d7754ef
.quantserve.com/	1970-01-20 10:10:12	Name: d Value: EF8BCQHgJ4EA
.quantserve.com/	1970-01-20 17:30:50	Name: mc Value: 6390d6f0-f102d-63076-56af6
.pubmatic.com/	1970-01-20 16:46:12	Name: KADUSERCOOKIE Value: B23CB83B-7F8C-46B6-8FCD-0723F2C05F49
.casalemedia.com/	1970-01-20 16:46:12	Name: CMID Value: Y5DW8LNfJW9dzBIaockglwAA
.casalemedia.com/	1970-01-20 10:10:12	Name: CMTS Value: 3465

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vivanews.asia
www.google.com
www.googletagservices.com
104.36.115.113
142.250.176.194
142.250.65.226
172.64.154.237
192.40.39.223
20.242.10.199
2607:f8b0:4006:806::200a
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2006
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2620:116:800b:21:c1e8:5385:5098:6bf0
35.190.90.30
45.76.76.61
52.73.27.182
68.67.160.186
69.173.151.100
01b56a47fe308931676251e54f09978ae3c113933585fb2b718e93d0617a49b4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
055acaa4ad04b13215cfd46fad9930e06a98bb333b445da13e90a0ef2ce26f89
06f67df6d5f61a5e5c5993071e2f11e4433439179c5e1072a280c38c341a2484
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08fee21e5d5837b83dfc57550ef625c8101383b797d041e00b2203c835953223
0b60d0d8d1c1bcc232106bc6891f433de3370a372b04df6d4c76fd334abeb868
0b6b927ed49b35cafb9649f4e46e95d5887b07f36a4b07b26f92dab06df1e3ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
104f4f425ec150d76ff783bea28bb49a1f5f743305189ea91f34d79f3d95b48e
1084ce3b01bdb94f9f33901c0d2ccc07ff6c29b77383ab9d7f035f98e8e418f4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17bfd84b7950ab91dec7b983a55bb24e4417bee3cfb3ec1434a4dd617df9e95f
17eebde91d71e72d303e72fc0e868edf07fad12a4b149e0a038b385027521df3
18a62be8995d31496185e6bb49cf98355734f8ecd29d0c87e79164b90fc0d306
1bab9fe22edab84e52bf1ed9adaf22e71e28d8963ff743691306f871a3ea119d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1ebfd680b72b9825db5e9905ddc7634583d547e4f8935b74c4c77464fadaa9a5
208811b594100e86eb5f1732277c45e426905bca9c94a05bc1fc63af88bb6d01
23d19ebfe50d8795a5e8415ae5a36bf81f00b6525d2de87406dd73448f03a742
24098ffd52c543cd93401f1b57100d207a92f4f203d3f6de73d9e21db52f6ebf
27ebb4b9fba54c26f207d200001889e4e123c0ad2dcd3ab05c2d8b0d6255521f
2805a9706647dc3f67f18c7ab7450ba356368fbd6438c315de89ab9eef123edd
292f38ab6aa1dc37e03e86f5e97b5949101902fd155abc76ce19f82b96201864
2d88ff141755a1244a45f4c81b8addb815b49eaabf3158d0492bdfc883b88245
30d0d219dffc1e5f4e40e4562c48642d5038c73f6254b298c97676757046ddb8
3123931d2096e41866151ecbb3e392c4078fc19902e226036fa837ab764d0a71
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32afc45d62308807fbf43cb70066e87de99e270ffc172031c71d8a8f01b2787d
3501a3ec0d024163ef992e0e5f87552d17569e23bcea1e69447f64179d614637
39a1a12523530085e8302e0e3cf71374bfc493b74a36369cb3f6eb640630eca9
39f99fad5216bf62dbe0b75f585d68d7bb464810534fdc777f0fade6eb18df87
3cb13fe352e70a3164b48c06d7f3351827d2ab1c49f6b8e5f459fb3e7bb3591d
3db431c3a9217c58b86c78ef1c9fcf7f44e35d599350e9d027ec28454a7c32e9
40af0a250ffcc0f5f47cef6ed0cf5f6aae0588fec00c86206da151bf5baaedcd
40b5ee037cd0cdbcedaa693bf1ada6374bc34230dc5dbb8c6554944e318dfa8e
443b42a7369c5d664b2743ecd813f175b7b927fa62fc21837d24c88603f964b6
45a5a7e1516d809fd5f1ce8f72237a8b4148aa46b8b055f22385e30bb6e67a42
45f01389f53d04bb01a647bdd8c45468ca3cdde76233f519729d9d1ff7a42e96
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a2bf31cb7fc5fa522dfb7e0b849d200c10f8f5a6df38ba892bd084f0b9f0562
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd4c275f007d9e466783a2fce6bde0c35f098135b8f5afb6deda1dda03c4fca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5321be6475b2b544941b66931eed2e7c440ca7c9b92fd2ce7f6266097734c9ac
54ac5cf40e7dac93d1bca06e700092b9ed760b43bed977769c117a4410e6f8b3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57366c2247050026db3ded157b31c233bc2d2d58dc363c56014b5fbd33b44704
58c3399ef6051a79ca1061c2369c75dfef8b53f9967755266e40f5a0b974b16a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ed7f70e7c632f089ed340524dec67ba19c429841264beaf2be345c2c27f8c53
5f15609dae773a4b3e3ff0893c694e0a728145bbc6be9fdd9898a56aeab834df
617ff2eb3d5dbbbc37949c4fdf8406e7a8a08990f1b846a8011d614ad2c1f88b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67873e867f80a4e38ed77b2d2e470ffdc7404629233f6dd0c0ae060eb23b55a6
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bd47176b1c3d762d864aeeb233ca7e793004248449c3843c63657542481a092
6f0a78384a5fe1f2ccf0f887dbb4f7adc0746427ad847f7f0f37fb61fc641860
715045f3b9b5ad877852791610123019447efe2b8900139bb9ab763d18a4f2d5
725cec0adb3474254d639c60ce66dcf7787f811dbbc9999afe3b89ffd53d786d
74b1553a8bc02b258d9607e3b6be0d38c69787670259db355120226bb9eb868e
75eadfc4966f8e40d2f5aa4ebc91741a4bec5599e28b04024d38c3dd9c689477
7a0cb33ad56641087f3b9355a126591f57957c1dd8175a46f38d51834bdd8a42
82d885b57ea9266031e7efea885e247e8c8f4b146651017118188191056f51f3
86cd172029aaf00d8aaf4b710ae202115e9f60262d0cff5c1c0ec48bc2e7824f
86fcbebfc3beb20cc090c44b05e9ca59400de0ca9fc348171e37216dbdb64fa8
89041b78fae7a243a68f283ccf0c828aa64d89d6113d07e06e3807f3ce858724
8a6749df5bda37a8da862387e46cf39313d07ff2dcfa684faefaeb33b9a2ee6c
8b8b22b8c1df47f77a24146d9cacf8efa05e5b5016fe6b9075e032ac11488b41
8c0fcb802476b243779d9398d68f5bbdee60031f2aeb6979817317dae9731a8e
8d517631a58883faff47882e248f70964c65168e26ab649b47487e8c6ceca440
8e8cef99a1686a44b315f1fbecae1e706f8a44e68746251ee09f95a6f87e4653
92e7b397cdc4be8a86f2b4410316bc67fdf345c4d4282a433e4ba990eae3b749
956565d639de5e0d44c98b8deb304a86938aec1d8ddf321190ae57d291ae69eb
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a
9a729582bb72af90bca58d2ae31d5bf9bfde790855e37cc178aa8496432a9c2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b696ec3f788a517f464a3341906262f687aa000abf6b4120ca1f2b0baffef
9bf5df923c301309cbce4831273710c7ab50e6b2d8ddb275bdfdc924fec29c37
9c0d1d99e56d40feb850e857a0cc61a76ec8657e9f9fc1e7bae04b42d5da551f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73c3d5995e2b9438a42cb9b65351b943265fbde78b8b3b581e67d5018a49af0
a994550e07e2ccdf11d39850c1d27e897796afc20de7c21d0a0854ce67b7ba58
aa06e9ae7ff4d566ba5b5bb58e5a0d4f6ef3722974f2f72881a247dc88c47087
ab938252d4d37310270a646622da9d766bcab60ed9678fbccd97a93f3972155e
acc32c1030654659ed8e167d5c82ef5ad511261b6140a82f4874c3e389bf4d15
ad78ff58114e92438a9a3e8aca9cefa822cd173ac669694f864520cb75643dca
aeab465952d969dc17e27078f7dfc23f12cb3c36c1031789bf82857898577de5
b03624a4c39691ace4ea254f4255fea92bc411f9233956cde68916f657cb7412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1845327cc9109e7908fbd355c4c27bfa87aebf7915525ab593d13f449695fc0
b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55
b38534408e8ecfce571b2498e509ede194064dca3258fe2fd0d31d685797972d
b79a0223f276a3bb23bb58d650e44594b39e0ba0d79581ce6385e478ef43d2ee
b7b72cf5893cd988fcaf9a5adbabb9bf7a521affe75b59590f6dfb3a1f4945fd
b83870f8305b8900262de8381157f408d91e044be196880218d8ee00a58f8e95
b9cf26fb7fe67d69ec053c454e57f13dec947dddaaf5a14a825ef0858c10a36f
bb9af6c028f56887ee6c15f5a3e6ac18a934e76e22dfe77fdec66f4331cc9d3e
be51d196e9c1f842bb0d70cc2244d83b5635bd0219e533794ce62d86c702db4b
bf4e62ceb823aefcf198a034a491c8e17a432df849f317e36ee3fe02f775dc3d
c1edcc780d23377ea9c7e15b2a064085d1879bbe909e9c36f642021e8bb96743
c2da550fb7091e629770f57aef5ae7be0e5460e39564b13ca5c7190ab9f3df66
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c33e04a65b94fbe734a7ab1aa56c60237a72c071ea57a7c41be9d66bc79dc537
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cca76b60cdd1d620eaeecef628b6c5395d23149e8fc8ec9045b884b585eb1dc6
d5a391bc4a4fde724d0720d2f7216153ddac2456c8108b4267b0aaafec02dcf8
dc6c10f75c0d86ce0a49a6c64440bfb7d996010f3fa6767d9c2384c7f43163c3
dd0037b1381eda94026ab71bf518b6d2533f18a7592db9dce036ae7194fb7892
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e2e029a91b0e0b3759ce3b13e3ec4f214e62d8b9d99f1ae05e5661ff234bef
e6229885746123984ffa4249d1036a9fe9cf949d3940fe5815086702b7962afe
e72112a6051ae770208c65845e6fd9ceea7c08776af855f3d47e3c174dda73f0
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b959c432c42ff7654354fe0cda58079e4681e9476e3a243630515014125aee
e7fe619fdeea2d0899b235da6eb39403a0f793b934a0004dba02660618098f27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ff0da6c661c0c96c5cbb4e79cc930dffd2a11a80b1cf6796ea973d9c11c11
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f238e8708c8806ff68bf6d9b3f1bebc1501f91f7d336f72626d84072867d0798
f3143ea841f3c387fc23d61a9932cd0d6aede512772392950834402812bda65d
f7faa4715a7b7e6cb5d09c4f485825d35d963b684c255013b813d9d5a7b1bd26
f87b71f6a3914637476b44314228411f992ac30cab2ca55b2570ab1cce6125e2
f9c2bb5c7f8b32755a14d63e0a812911e2286f8aa23c910cc790f0937aacf37d
fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09
feca5d03b4626f7f5c63f64b33921ac8ea924404f504645d06aed7a3cbf6df7b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

vivanews.asia Open in urlscan Pro 45.76.76.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

173 Requests

94 %HTTPS

52 %IPv6

17 Domains

24 Subdomains

18 IPs

2 Countries

3847 kBTransfer

5576 kBSize

18 Cookies

0 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vivanews.asia Open in urlscan Pro
45.76.76.61 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

94 %
HTTPS

52 %
IPv6

17
Domains

24
Subdomains

18
IPs

2
Countries

3847 kB
Transfer

5576 kB
Size

18
Cookies

173 HTTP transactions
2 data transactions