URL: https://vivanews.asia/
Submission: On December 07 via manual from CA — Scanned from CA

Summary

This website contacted 18 IPs in 2 countries across 17 domains to perform 173 HTTP transactions. The main IP is 45.76.76.61, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is vivanews.asia. The Cisco Umbrella rank of the primary domain is 25065.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 1st 2022. Valid for: 3 months.
This is the only time vivanews.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
85 45.76.76.61 20473 (AS-CHOOPA)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 11 142.250.176.194 15169 (GOOGLE)
3 5 192.40.39.223 27381 (CASALE-MEDIA)
2 3 68.67.160.186 29990 (ASN-APPNEX)
16 2607:f8b0:400... 15169 (GOOGLE)
1 2620:116:800b... 27281 (QUANTCAST)
1 1 20.242.10.199 8075 (MICROSOFT...)
1 1 35.190.90.30 15169 (GOOGLE)
2 2 104.36.115.113 62713 (AS-PUBMATIC)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 1 172.64.154.237 13335 (CLOUDFLAR...)
1 1 52.73.27.182 14618 (AMAZON-AES)
2 142.250.65.226 15169 (GOOGLE)
173 18
Apex Domain
Subdomains
Transfer
85 vivanews.asia
vivanews.asia — Cisco Umbrella Rank: 25065
2 MB
35 googlesyndication.com
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
353 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
220 KB
16 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 288
993 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
5 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
3 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 734
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
94 KB
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13098
914 B
2 gstatic.com
fonts.gstatic.com
31 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3980
461 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
516 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1148
769 B
1 walmart.com
beacon.walmart.com — Cisco Umbrella Rank: 4064
622 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 721
464 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
173 17
Domain Requested by
85 vivanews.asia vivanews.asia
20 pagead2.googlesyndication.com 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
s0.2mdn.net
16 s0.2mdn.net vivanews.asia
s0.2mdn.net
13 tpc.googlesyndication.com 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
11 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net vivanews.asia
securepubads.g.doubleclick.net
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
www.googletagservices.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net vivanews.asia
2 image6.pubmatic.com 2 redirects
2 www.googletagservices.com 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 adservice.google.ca securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 cc.adingo.jp 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com 1 redirects
1 beacon.walmart.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 fonts.googleapis.com vivanews.asia
173 24

This site contains no links.

Subject Issuer Validity Valid
vivanews.asia
ZeroSSL RSA Domain Secure Site CA
2022-12-01 -
2023-03-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.ca
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh

This page contains 15 frames:

Primary Page: https://vivanews.asia/
Frame ID: 5476CB734CC9A953E4E738E9AAA1CEC0
Requests: 97 HTTP requests in this frame

Frame: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DE252A8BE3FA30CF9A35CA095533421
Requests: 1 HTTP requests in this frame

Frame: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E0AC59ED3AC0ECBFDA77C82A417F625
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: A90A8FF856FDF16A385979C65A2FC17C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=3279755399&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=5&bdt=245&idt=189&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&nras=1&correlator=6802309372592&frm=24&ife=3&pv=2&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t7gpdtdhahyj&fsb=1&dtd=260
Frame ID: 2EFFB3567A44FE1CBD271AC932BE195E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Frame ID: 678242E2A0EA43FE963E3A09DC613800
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D22A8654163A0870E6A1A2A2FCF5562B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 232036489D1ABDD6C56C12A03EBFD4C2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 913DB1E29E6C685EBC54607FC91A5BB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5950F2572DACC90504F224BFDAC3FD1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Frame ID: 31A7130FA345C44C141E810751E832B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0EA8C3FCC8206D2B05DCA8C09EEE0B3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCBD130EF561BF70226101001A4A3F0D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Frame ID: 64701CB099DF95F8B547C1755CC021D5
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Frame ID: F8DA8F381EF88F776CC65894968279AF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

VivaGames - Play Games In Browser

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

173
Requests

94 %
HTTPS

52 %
IPv6

17
Domains

24
Subdomains

18
IPs

2
Countries

3847 kB
Transfer

5576 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
Request Chain 133
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5DW8LNfJW9dzBIaockglwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1
Request Chain 135
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D
Request Chain 144
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM
Request Chain 145
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKH5IA4HJ-TWAmMex8ODvqI&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU
Request Chain 146
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM0Gxpa7a2uh0JHD0qH_qY0&google_cver=1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM0Gxpa7a2uh0JHD0qH_qY0&google_cver=1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY
Request Chain 147
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZp750k3nqcrr6Eykq7GnE&google_cver=1&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE
Request Chain 148
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_cver=1&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ
Request Chain 149
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKdV8SNYM2GnFvEKJ7frtGE&google_cver=1&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef

173 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vivanews.asia/
54 KB
10 KB
Document
General
Full URL
https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
b7b72cf5893cd988fcaf9a5adbabb9bf7a521affe75b59590f6dfb3a1f4945fd
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 18:09:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://vivanews.asia/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
style.min.css
vivanews.asia/wp-includes/css/dist/block-library/
93 KB
15 KB
Stylesheet
General
Full URL
https://vivanews.asia/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-172a9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
classic-themes.min.css
vivanews.asia/wp-includes/css/
217 B
463 B
Stylesheet
General
Full URL
https://vivanews.asia/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
"63888a94-d9"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
217
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
style.css
vivanews.asia/wp-content/themes/kizitheme/
16 KB
4 KB
Stylesheet
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
acc32c1030654659ed8e167d5c82ef5ad511261b6140a82f4874c3e389bf4d15
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
W/"638433af-3ee2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
skeleton.css
vivanews.asia/wp-content/themes/kizitheme/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/css/skeleton.css?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
6f0a78384a5fe1f2ccf0f887dbb4f7adc0746427ad847f7f0f37fb61fc641860
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
W/"638433af-327c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
iconfont.css
vivanews.asia/wp-content/themes/kizitheme/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
f3143ea841f3c387fc23d61a9932cd0d6aede512772392950834402812bda65d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
W/"638433af-14d6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 17:14:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 18:09:49 GMT
jquery.min.js
vivanews.asia/wp-includes/js/jquery/
88 KB
34 KB
Script
General
Full URL
https://vivanews.asia/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-15e54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
jquery-migrate.min.js
vivanews.asia/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://vivanews.asia/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-2bd8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74b1553a8bc02b258d9607e3b6be0d38c69787670259db355120226bb9eb868e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27549
x-xss-protection
0
server
sffe
etag
"1414 / 261 of 1000 / last-modified: 1670414902"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Dec 2022 18:09:50 GMT
vivanews.png
vivanews.asia/wp-content/uploads/2022/11/
17 KB
17 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/vivanews.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
e3e2e029a91b0e0b3759ce3b13e3ec4f214e62d8b9d99f1ae05e5661ff234bef
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Tue, 29 Nov 2022 20:48:11 GMT
server
nginx
etag
"6386700b-43c4"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17348
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Earn-to-Die-1_1432296216.png
vivanews.asia/wp-content/uploads/thumbs/custom/E/
63 KB
63 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/E/Earn-to-Die-1_1432296216.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
956565d639de5e0d44c98b8deb304a86938aec1d8ddf321190ae57d291ae69eb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:53:47 GMT
server
nginx
etag
"638a1f8b-fc2d"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
64557
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Crossy-Road-300x300.webp
vivanews.asia/wp-content/uploads/2022/12/
58 KB
58 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/12/Crossy-Road-300x300.webp
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
4bd4c275f007d9e466783a2fce6bde0c35f098135b8f5afb6deda1dda03c4fca
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:35:24 GMT
server
nginx
etag
"638a375c-e882"
content-type
image/webp
accept-ranges
bytes
content-length
59522
x-xss-protection
1; mode=block
sheep-underground.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
71 KB
71 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/sheep-underground.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
5ed7f70e7c632f089ed340524dec67ba19c429841264beaf2be345c2c27f8c53
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:48:53 GMT
server
nginx
etag
"638a1e65-11cbb"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
72891
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
super-mario-bros-1652945785.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
13 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/super-mario-bros-1652945785.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
ad78ff58114e92438a9a3e8aca9cefa822cd173ac669694f864520cb75643dca
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:47:07 GMT
server
nginx
etag
"638a1dfb-3213"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12819
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
pokevolve-1652778082.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/P/
13 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/P/pokevolve-1652778082.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
2805a9706647dc3f67f18c7ab7450ba356368fbd6438c315de89ab9eef123edd
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:41:47 GMT
server
nginx
etag
"638a1cbb-341e"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13342
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
WHACKYOURBOSS-300x300.jpg
vivanews.asia/wp-content/uploads/2022/12/
18 KB
18 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/12/WHACKYOURBOSS-300x300.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
82d885b57ea9266031e7efea885e247e8c8f4b146651017118188191056f51f3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:32:20 GMT
server
nginx
etag
"638a36a4-4732"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18226
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
noob-vs-zombies-1655296006.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/
47 KB
47 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/N/noob-vs-zombies-1655296006.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
208811b594100e86eb5f1732277c45e426905bca9c94a05bc1fc63af88bb6d01
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:34:14 GMT
server
nginx
etag
"638a1af6-bb9b"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48027
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
pixel-shooter-1659952182.png
vivanews.asia/wp-content/uploads/thumbs/custom/P/
43 KB
43 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/P/pixel-shooter-1659952182.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
1ebfd680b72b9825db5e9905ddc7634583d547e4f8935b74c4c77464fadaa9a5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:31:29 GMT
server
nginx
etag
"638a1a51-abb8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
43960
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
murder-1558376048.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/M/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/M/murder-1558376048.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
f87b71f6a3914637476b44314228411f992ac30cab2ca55b2570ab1cce6125e2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:29:59 GMT
server
nginx
etag
"638a19f7-24bd"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9405
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
noob-fall-1657266717.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/
40 KB
40 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/N/noob-fall-1657266717.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
4a2bf31cb7fc5fa522dfb7e0b849d200c10f8f5a6df38ba892bd084f0b9f0562
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:25:43 GMT
server
nginx
etag
"638a18f7-9faf"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
40879
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
stick-merge-1654082995.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
12 KB
12 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/stick-merge-1654082995.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
9b1b696ec3f788a517f464a3341906262f687aa000abf6b4120ca1f2b0baffef
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:23:53 GMT
server
nginx
etag
"638a1889-2e93"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11923
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
fall-guys-and-girls-1659946066.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/
77 KB
77 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fall-guys-and-girls-1659946066.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
32afc45d62308807fbf43cb70066e87de99e270ffc172031c71d8a8f01b2787d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:21:55 GMT
server
nginx
etag
"638a1813-13490"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
78992
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
canyon-defense-1666341982.png
vivanews.asia/wp-content/uploads/thumbs/custom/C/
82 KB
82 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/C/canyon-defense-1666341982.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
dd0037b1381eda94026ab71bf518b6d2533f18a7592db9dce036ae7194fb7892
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 15:15:09 GMT
server
nginx
etag
"638a167d-147ea"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
83946
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
age-of-war-prehistoric-1658489597.png
vivanews.asia/wp-content/uploads/thumbs/custom/A/
14 KB
14 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/A/age-of-war-prehistoric-1658489597.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
3123931d2096e41866151ecbb3e392c4078fc19902e226036fa837ab764d0a71
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:50:55 GMT
server
nginx
etag
"63885cdf-36f8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14072
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
imposter-battle-royale-1659951709.png
vivanews.asia/wp-content/uploads/thumbs/custom/I/
68 KB
69 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/I/imposter-battle-royale-1659951709.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
be51d196e9c1f842bb0d70cc2244d83b5635bd0219e533794ce62d86c702db4b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:47:38 GMT
server
nginx
etag
"63885c1a-111e0"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
70112
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
narrowone-1622488766.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/N/
10 KB
11 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/N/narrowone-1622488766.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
feca5d03b4626f7f5c63f64b33921ac8ea924404f504645d06aed7a3cbf6df7b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:38:34 GMT
server
nginx
etag
"638859fa-2960"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10592
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
toon-cup-2022-1660496767.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/T/
12 KB
12 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/T/toon-cup-2022-1660496767.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
e7fe619fdeea2d0899b235da6eb39403a0f793b934a0004dba02660618098f27
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:36:47 GMT
server
nginx
etag
"6388598f-302d"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12333
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
home-sheep-home-1665390440.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/
10 KB
10 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/H/home-sheep-home-1665390440.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
0b6b927ed49b35cafb9649f4e46e95d5887b07f36a4b07b26f92dab06df1e3ab
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:33:50 GMT
server
nginx
etag
"638858de-26b6"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9910
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Nickelodeon-Hardest-Game-Ever_1438461632-1.png
vivanews.asia/wp-content/uploads/thumbs/custom/N/
79 KB
79 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/N/Nickelodeon-Hardest-Game-Ever_1438461632-1.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
443b42a7369c5d664b2743ecd813f175b7b927fa62fc21837d24c88603f964b6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 07:24:47 GMT
server
nginx
etag
"638856bf-13c2e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
80942
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
NYAN-CAT-FLY.jpg
vivanews.asia/wp-content/uploads/2022/11/
43 KB
43 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/NYAN-CAT-FLY.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
d5a391bc4a4fde724d0720d2f7216153ddac2456c8108b4267b0aaafec02dcf8
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:39:14 GMT
server
nginx
etag
"638a3842-aab1"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
43697
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
heads-arena-soccer-all-stars-1660897040.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/
12 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/H/heads-arena-soccer-all-stars-1660897040.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
5f15609dae773a4b3e3ff0893c694e0a728145bbc6be9fdd9898a56aeab834df
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:38:04 GMT
server
nginx
etag
"6384817c-31da"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12762
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
bacon-may-die.png
vivanews.asia/wp-content/uploads/2022/11/
46 KB
47 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/bacon-may-die.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
c2da550fb7091e629770f57aef5ae7be0e5460e39564b13ca5c7190ab9f3df66
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:42:44 GMT
server
nginx
etag
"638a3914-b9da"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47578
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
angry-ducks-1647528246.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/A/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/A/angry-ducks-1647528246.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
8d517631a58883faff47882e248f70964c65168e26ab649b47487e8c6ceca440
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:32:06 GMT
server
nginx
etag
"63848016-2349"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9033
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
frozendouble_1508143818.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/
13 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/frozendouble_1508143818.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
40b5ee037cd0cdbcedaa693bf1ada6374bc34230dc5dbb8c6554944e318dfa8e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:28:46 GMT
server
nginx
etag
"63847f4e-32e1"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13025
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
subway-surfers-spacestation-300x300.jpg
vivanews.asia/wp-content/uploads/2022/11/
27 KB
27 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/subway-surfers-spacestation-300x300.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
e7b959c432c42ff7654354fe0cda58079e4681e9476e3a243630515014125aee
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:45:42 GMT
server
nginx
etag
"638a39c6-6b67"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27495
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
FRIDAY-NIGHT-FUNKIN.png
vivanews.asia/wp-content/uploads/2022/11/
94 KB
94 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/FRIDAY-NIGHT-FUNKIN.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
3cb13fe352e70a3164b48c06d7f3351827d2ab1c49f6b8e5f459fb3e7bb3591d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:50:31 GMT
server
nginx
etag
"638a3ae7-17661"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
95841
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
blockpost-online-1657611391.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/
7 KB
7 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/B/blockpost-online-1657611391.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
27ebb4b9fba54c26f207d200001889e4e123c0ad2dcd3ab05c2d8b0d6255521f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:21:33 GMT
server
nginx
etag
"63847d9d-1d01"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7425
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
raft-wars-1663420820.png
vivanews.asia/wp-content/uploads/thumbs/custom/R/
73 KB
74 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/R/raft-wars-1663420820.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
08fee21e5d5837b83dfc57550ef625c8101383b797d041e00b2203c835953223
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:18:41 GMT
server
nginx
etag
"63847cf1-12566"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75110
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
fnf-2-player-1634827143.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/
56 KB
56 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fnf-2-player-1634827143.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
39f99fad5216bf62dbe0b75f585d68d7bb464810534fdc777f0fade6eb18df87
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 09:15:45 GMT
server
nginx
etag
"63847c41-e0b2"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57522
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
hello-neighbor-alpha-4-1663069921.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/H/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/H/hello-neighbor-alpha-4-1663069921.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
f238e8708c8806ff68bf6d9b3f1bebc1501f91f7d336f72626d84072867d0798
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:46:17 GMT
server
nginx
etag
"63846749-247b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9339
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
motox3m.png
vivanews.asia/wp-content/uploads/2022/11/
32 KB
33 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/motox3m.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
7a0cb33ad56641087f3b9355a126591f57957c1dd8175a46f38d51834bdd8a42
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:30:42 GMT
server
nginx
etag
"638a3642-8137"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33079
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
zuma-high-speed-challenge-1666608874.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/Z/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/Z/zuma-high-speed-challenge-1666608874.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
67873e867f80a4e38ed77b2d2e470ffdc7404629233f6dd0c0ae060eb23b55a6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:39:47 GMT
server
nginx
etag
"638465c3-2419"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9241
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
lets-color-noob-1667388622-1.png
vivanews.asia/wp-content/uploads/thumbs/custom/L/
51 KB
51 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/L/lets-color-noob-1667388622-1.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
ef6ff0da6c661c0c96c5cbb4e79cc930dffd2a11a80b1cf6796ea973d9c11c11
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:38:18 GMT
server
nginx
etag
"6384656a-ca45"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51781
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
zuma-deluxe-1668145032.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/Z/
15 KB
15 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/Z/zuma-deluxe-1668145032.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
104f4f425ec150d76ff783bea28bb49a1f5f743305189ea91f34d79f3d95b48e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:31:53 GMT
server
nginx
etag
"638463e9-3b44"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15172
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
the-worlds-easyest-game_1503914933.png
vivanews.asia/wp-content/uploads/thumbs/custom/T/
58 KB
58 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/T/the-worlds-easyest-game_1503914933.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
dc6c10f75c0d86ce0a49a6c64440bfb7d996010f3fa6767d9c2384c7f43163c3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:28:24 GMT
server
nginx
etag
"63846318-e7b8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59320
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
friday-night-funkin-hd-1620120645.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/
7 KB
7 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/friday-night-funkin-hd-1620120645.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
b83870f8305b8900262de8381157f408d91e044be196880218d8ee00a58f8e95
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:26:51 GMT
server
nginx
etag
"638462bb-1c2b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7211
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
papa-scooperia-1654592513.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/P/
13 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/P/papa-scooperia-1654592513.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
c1edcc780d23377ea9c7e15b2a064085d1879bbe909e9c36f642021e8bb96743
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:24:26 GMT
server
nginx
etag
"6384622a-3204"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12804
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
RetroBowl2.png
vivanews.asia/wp-content/uploads/2022/11/
8 KB
8 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/RetroBowl2.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
3501a3ec0d024163ef992e0e5f87552d17569e23bcea1e69447f64179d614637
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:29:21 GMT
server
nginx
etag
"638a35f1-20e8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8424
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Glenn-Martin-Dental-Adventure_1432468062.png
vivanews.asia/wp-content/uploads/thumbs/custom/G/
58 KB
58 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/G/Glenn-Martin-Dental-Adventure_1432468062.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
a994550e07e2ccdf11d39850c1d27e897796afc20de7c21d0a0854ce67b7ba58
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:17:39 GMT
server
nginx
etag
"63846093-e8bb"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59579
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Extreme-Pamplona_1432472696.png
vivanews.asia/wp-content/uploads/thumbs/custom/E/
57 KB
57 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/E/Extreme-Pamplona_1432472696.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
17bfd84b7950ab91dec7b983a55bb24e4417bee3cfb3ec1434a4dd617df9e95f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:15:07 GMT
server
nginx
etag
"63845ffb-e22f"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57903
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
BoBoiBoy-Halilintar-vs-Taufan_1430588526.png
vivanews.asia/wp-content/uploads/thumbs/custom/B/
23 KB
23 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/B/BoBoiBoy-Halilintar-vs-Taufan_1430588526.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
8a6749df5bda37a8da862387e46cf39313d07ff2dcfa684faefaeb33b9a2ee6c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:13:40 GMT
server
nginx
etag
"63845fa4-5b9f"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23455
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
age-of-war-3-1587847090.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/A/
11 KB
11 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/A/age-of-war-3-1587847090.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
8b8b22b8c1df47f77a24146d9cacf8efa05e5b5016fe6b9075e032ac11488b41
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:11:43 GMT
server
nginx
etag
"63845f2f-2cbf"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11455
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
death-note-type-game-1609874512.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/D/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/D/death-note-type-game-1609874512.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
0b60d0d8d1c1bcc232106bc6891f433de3370a372b04df6d4c76fd334abeb868
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:09:24 GMT
server
nginx
etag
"63845ea4-23cf"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9167
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
squid-game-pro-1633692889.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/squid-game-pro-1633692889.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
18a62be8995d31496185e6bb49cf98355734f8ecd29d0c87e79164b90fc0d306
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:07:51 GMT
server
nginx
etag
"63845e47-24d7"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9431
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
slope.jpg
vivanews.asia/wp-content/uploads/2022/11/
23 KB
23 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/slope.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
055acaa4ad04b13215cfd46fad9930e06a98bb333b445da13e90a0ef2ce26f89
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:30:04 GMT
server
nginx
etag
"638a361c-5b9c"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23452
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Love-Tester_1433792092.png
vivanews.asia/wp-content/uploads/thumbs/custom/L/
23 KB
23 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/L/Love-Tester_1433792092.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
292f38ab6aa1dc37e03e86f5e97b5949101902fd155abc76ce19f82b96201864
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 07:00:14 GMT
server
nginx
etag
"63845c7e-5b11"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23313
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
garfield-scary-scavenger-1652949366.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/G/
15 KB
15 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/G/garfield-scary-scavenger-1652949366.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
f9c2bb5c7f8b32755a14d63e0a812911e2286f8aa23c910cc790f0937aacf37d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:58:58 GMT
server
nginx
etag
"63845c32-3c79"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15481
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
roblox-online-1647528660.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/R/
12 KB
13 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/R/roblox-online-1647528660.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
617ff2eb3d5dbbbc37949c4fdf8406e7a8a08990f1b846a8011d614ad2c1f88b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:51:17 GMT
server
nginx
etag
"63845a65-3148"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12616
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Run-3.png
vivanews.asia/wp-content/uploads/2022/11/
33 KB
33 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/2022/11/Run-3.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
b1845327cc9109e7908fbd355c4c27bfa87aebf7915525ab593d13f449695fc0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Fri, 02 Dec 2022 17:28:49 GMT
server
nginx
etag
"638a35d1-8372"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33650
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
subway-surfers-hong-kong-1664719850.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
13 KB
14 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/subway-surfers-hong-kong-1664719850.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
e6229885746123984ffa4249d1036a9fe9cf949d3940fe5815086702b7962afe
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:45:34 GMT
server
nginx
etag
"6384590e-35b3"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13747
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
drive-mad-1663425416.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/D/
9 KB
10 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/D/drive-mad-1663425416.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
f7faa4715a7b7e6cb5d09c4f485825d35d963b684c255013b813d9d5a7b1bd26
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:42:41 GMT
server
nginx
etag
"63845861-2516"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9494
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
the-last-miner-1667388455.png
vivanews.asia/wp-content/uploads/thumbs/custom/T/
25 KB
25 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/T/the-last-miner-1667388455.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
8c0fcb802476b243779d9398d68f5bbdee60031f2aeb6979817317dae9731a8e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:40:56 GMT
server
nginx
etag
"638457f8-6472"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25714
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
subway-surfers-marrakech-1667232387.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/S/
14 KB
14 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/S/subway-surfers-marrakech-1667232387.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
23d19ebfe50d8795a5e8415ae5a36bf81f00b6525d2de87406dd73448f03a742
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:39:32 GMT
server
nginx
etag
"638457a4-38d5"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14549
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
bubble-guppies-good-hair-day-1585388828.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/
10 KB
10 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/B/bubble-guppies-good-hair-day-1585388828.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
58c3399ef6051a79ca1061c2369c75dfef8b53f9967755266e40f5a0b974b16a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:36:33 GMT
server
nginx
etag
"638456f1-2631"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9777
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
Untitled_1493814440.png
vivanews.asia/wp-content/uploads/thumbs/custom/U/
63 KB
63 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/U/Untitled_1493814440.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
aa06e9ae7ff4d566ba5b5bb58e5a0d4f6ef3722974f2f72881a247dc88c47087
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:34:09 GMT
server
nginx
etag
"63845661-fae8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
64232
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
recoil-1668944481.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/R/
5 KB
6 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/R/recoil-1668944481.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
06f67df6d5f61a5e5c5993071e2f11e4433439179c5e1072a280c38c341a2484
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 06:32:21 GMT
server
nginx
etag
"638455f5-158e"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5518
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
fnf-vs-five-nights-at-freddys-2-1668512291.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/F/
16 KB
16 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/fnf-vs-five-nights-at-freddys-2-1668512291.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
c33e04a65b94fbe734a7ab1aa56c60237a72c071ea57a7c41be9d66bc79dc537
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 05:02:52 GMT
server
nginx
etag
"638440fc-3e2c"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15916
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
rainbow-friends-horror-playground-1668175329.png
vivanews.asia/wp-content/uploads/thumbs/custom/R/
59 KB
60 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/R/rainbow-friends-horror-playground-1668175329.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
54ac5cf40e7dac93d1bca06e700092b9ed760b43bed977769c117a4410e6f8b3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 05:01:28 GMT
server
nginx
etag
"638440a8-ed46"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
60742
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
friday-night-funkin-foned-in-mobile-version-1629885933.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/
72 KB
72 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/friday-night-funkin-foned-in-mobile-version-1629885933.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
9a729582bb72af90bca58d2ae31d5bf9bfde790855e37cc178aa8496432a9c2a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:57:49 GMT
server
nginx
etag
"63843fcd-11fc3"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
73667
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
five-nights-at-freddys-1-1642150967.png
vivanews.asia/wp-content/uploads/thumbs/custom/F/
73 KB
73 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/F/five-nights-at-freddys-1-1642150967.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
2d88ff141755a1244a45f4c81b8addb815b49eaabf3158d0492bdfc883b88245
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:55:46 GMT
server
nginx
etag
"63843f52-12344"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
74564
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
backyard-junk-1667235131.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/B/
9 KB
10 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/B/backyard-junk-1667235131.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
1084ce3b01bdb94f9f33901c0d2ccc07ff6c29b77383ab9d7f035f98e8e418f4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:44:30 GMT
server
nginx
etag
"63843cae-2546"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9542
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
om-nom-connect-classic-1669573142-1.jpg
vivanews.asia/wp-content/uploads/thumbs/custom/O/
9 KB
9 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/O/om-nom-connect-classic-1669573142-1.jpg
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
cca76b60cdd1d620eaeecef628b6c5395d23149e8fc8ec9045b884b585eb1dc6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:32:09 GMT
server
nginx
etag
"638439c9-226c"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8812
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
2048cupcakes-150x150.png
vivanews.asia/wp-content/uploads/thumbs/custom/0-9/
19 KB
19 KB
Image
General
Full URL
https://vivanews.asia/wp-content/uploads/thumbs/custom/0-9/2048cupcakes-150x150.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
6bd47176b1c3d762d864aeeb233ca7e793004248449c3843c63657542481a092
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:10:53 GMT
server
nginx
etag
"638434cd-4ae8"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19176
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
jquery.infinitescroll.js
vivanews.asia/wp-content/plugins/infinite-scroll/js/front-end/
21 KB
12 KB
Script
General
Full URL
https://vivanews.asia/wp-content/plugins/infinite-scroll/js/front-end/jquery.infinitescroll.js?ver=2.6.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:16 GMT
server
nginx
etag
W/"638433b8-528c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
imagesloaded.min.js
vivanews.asia/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://vivanews.asia/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-15fd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
masonry.min.js
vivanews.asia/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://vivanews.asia/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-5e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
general.js
vivanews.asia/wp-content/themes/kizitheme/js/
278 B
487 B
Script
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/js/general.js?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
75eadfc4966f8e40d2f5aa4ebc91741a4bec5599e28b04024d38c3dd9c689477
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
W/"638433af-116"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
wp-emoji-release.min.js
vivanews.asia/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://vivanews.asia/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Dec 2022 11:05:56 GMT
server
nginx
etag
W/"63888a94-48b9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
cursor.png
vivanews.asia/wp-content/themes/kizitheme/images/
3 KB
3 KB
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/cursor.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
45f01389f53d04bb01a647bdd8c45468ca3cdde76233f519729d9d1ff7a42e96
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-a58"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2648
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
bg.png
vivanews.asia/wp-content/themes/kizitheme/images/
574 B
822 B
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/bg.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
b38534408e8ecfce571b2498e509ede194064dca3258fe2fd0d31d685797972d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-23e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
574
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
dg.png
vivanews.asia/wp-content/themes/kizitheme/images/
478 B
726 B
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/dg.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
17eebde91d71e72d303e72fc0e868edf07fad12a4b149e0a038b385027521df3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-1de"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
478
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
search.png
vivanews.asia/wp-content/themes/kizitheme/images/
915 B
1 KB
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/search.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
39a1a12523530085e8302e0e3cf71374bfc493b74a36369cb3f6eb640630eca9
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-393"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
915
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
blackspace.png
vivanews.asia/wp-content/themes/kizitheme/images/
471 B
719 B
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/blackspace.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
9bf5df923c301309cbce4831273710c7ab50e6b2d8ddb275bdfdc924fec29c37
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-1d7"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
471
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
whitespace.png
vivanews.asia/wp-content/themes/kizitheme/images/
471 B
719 B
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/whitespace.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
bf4e62ceb823aefcf198a034a491c8e17a432df849f317e36ee3fe02f775dc3d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-1d7"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
471
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
badges.png
vivanews.asia/wp-content/themes/kizitheme/images/
4 KB
4 KB
Image
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/images/badges.png
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
86fcbebfc3beb20cc090c44b05e9ca59400de0ca9fc348171e37216dbdb64fa8
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/wp-content/themes/kizitheme/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff, nosniff
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-f92"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3986
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:09:50 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vivanews.asia
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 22:53:39 GMT
x-content-type-options
nosniff
age
587771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 22:53:39 GMT
iconfont.woff
vivanews.asia/wp-content/themes/kizitheme/font/
11 KB
11 KB
Font
General
Full URL
https://vivanews.asia/wp-content/themes/kizitheme/font/iconfont.woff?60403388
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.76.76.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.76.61.vultrusercontent.com
Software
nginx /
Resource Hash
a73c3d5995e2b9438a42cb9b65351b943265fbde78b8b3b581e67d5018a49af0

Request headers

Referer
https://vivanews.asia/wp-content/themes/kizitheme/css/iconfont.css?ver=6.1.1
Origin
https://vivanews.asia
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
last-modified
Mon, 28 Nov 2022 04:06:07 GMT
server
nginx
etag
"638433af-2ad8"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10968
expires
Thu, 07 Dec 2023 18:09:50 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vivanews.asia
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 22:18:31 GMT
x-content-type-options
nosniff
age
71479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 22:18:31 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/
380 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 16:33:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
73 B
83 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vivanews.asia
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c0d1d99e56d40feb850e857a0cc61a76ec8657e9f9fc1e7bae04b42d5da551f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59
x-xss-protection
0
expires
Wed, 07 Dec 2022 18:09:50 GMT
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=vivanews.asia
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vivanews.asia
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150185086976909&correlator=856312751643009&eid=31071151%2C31071184%2C31070232%2C21065725&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22844651693%2Cads_a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1665673251&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1670436590354&lmt=1670436590&dlt=1670436589736&idt=576&adxs=315&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvivanews.asia%2F&frm=20&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&ga_vid=1415736191.1670436590&ga_sid=1670436590&ga_hid=1716801575&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bab9fe22edab84e52bf1ed9adaf22e71e28d8963ff743691306f871a3ea119d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9488
x-xss-protection
0
google-lineitem-id
6152990858
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412446901
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vivanews.asia
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DE2
6 KB
3 KB
Document
General
Full URL
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vivanews.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:50 GMT
expires
Thu, 07 Dec 2023 18:09:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E0A
6 KB
3 KB
Document
General
Full URL
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vivanews.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:50 GMT
expires
Thu, 07 Dec 2023 18:09:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4E0A
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 03:22:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
571662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Dec 2023 03:22:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4E0A
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993
Requested by
Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01b56a47fe308931676251e54f09978ae3c113933585fb2b718e93d0617a49b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Origin
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49198
x-xss-protection
0
server
cafe
etag
11602991462876482212
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 18:09:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E0A
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 18:09:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E0A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy-5NfxF4rgTxmcGZ9LrPoBnTOnVWPhLYXAU4WxURgXTNo290MQmkv5qxn4ocRgbUp26BmYbmcPYey9dEn0uWo8bdoniY82EVRq6QkapzCajCjukMj6czDQ-BuY2GfC495Cgp_55_gH1R3rkqDbU-IRyKR5pWvWKbvKLznNto3FBoLBGhD-TI6XL_N27i3SXNPdYFiUBCYVY3xLhGxY5uk1uCZOBSz4a-NSHy2moxh-zl1qlkX3_0KjXrOUQsjx7E9iuVEa9GfsNHGp8Y_wHF0OaLKxfXyiPpjOjrKPiiuieCxdkN7e2Dm&sai=AMfl-YSAWwsaWDypw6UvUueiUSgxIoSU_WYifQVNQkPkY_nRob3y997Q5nh193kqhP1quTuGRCQQSe-stJCl-w2Jm_Gl4CDRvuGJVFZ1eLunZoT5aK1S3NLyZjoPfWE1-FOLujQE&sig=Cg0ArKJSzDRdwkx3GWe4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
URL: https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 18:09:50 GMT
truncated
/ Frame 4E0A
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725cec0adb3474254d639c60ce66dcf7787f811dbbc9999afe3b89ffd53d786d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ Frame 4E0A
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24098ffd52c543cd93401f1b57100d207a92f4f203d3f6de73d9e21db52f6ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119786
x-xss-protection
0
server
cafe
etag
2753446575527297894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 18:09:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame A90A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 17:12:26 GMT
etag
10353107486223812946
expires
Wed, 21 Dec 2022 17:12:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4E0A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5DGFe4Sbu2XVka36pZmR7CbXMzgx8HW_yvwgOEZMoXt9Gfh0-5tWRHA4KCz3x3AjA_fRdKYRnAXXcnaHilr6Vg9CDev-kjA7mJa_qnpDrtii2dtgt-2aLdMLRKX9qEzvWRujcbGGrYT1wEcKOwT2YpkAF7LBMVh0Oc4EUv19DEe3FaU2vox70aRoC_lTGRaKYe4B0Ra0sa5hVBgL-sXgRO9dPn6jWR58-WRj2rES31SGhOpubNAMdy0hA715HFy2xLSW8p3eEmHxrSN3ru2svT-1V0TXGSusALiO4KkAq1psHSPTcjmAWgpA&sai=AMfl-YQu0q_pONeqR1-1fr0i8jaxENLFf0BZxccN7M05K6XUH_PJpZAK5PWbuzRTRk6rgQQ5dpDLoywLJEpmhathhQY3IDn5KV_TL462_AtZrAmb0uomZjLWqwDu1hquu6R--yeH&sig=Cg0ArKJSzA_gzVj_ZhErEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 18:09:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a5a7e1516d809fd5f1ce8f72237a8b4148aa46b8b055f22385e30bb6e67a42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11288
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame 4E0A
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4E0A
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2EFF
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=3279755399&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=5&bdt=245&idt=189&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&nras=1&correlator=6802309372592&frm=24&ife=3&pv=2&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t7gpdtdhahyj&fsb=1&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4E0A
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86cd172029aaf00d8aaf4b710ae202115e9f60262d0cff5c1c0ec48bc2e7824f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11013
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6782
27 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b03624a4c39691ace4ea254f4255fea92bc411f9233956cde68916f657cb7412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4E0A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 18:09:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071184
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 18:09:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D22A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
90778
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 16:56:53 GMT
expires
Wed, 06 Dec 2023 16:56:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2320
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
57366c2247050026db3ded157b31c233bc2d2d58dc363c56014b5fbd33b44704
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pjblW22ZDvbbj5LT2-ZUFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-pjblW22ZDvbbj5LT2-ZUFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:51 GMT
expires
Wed, 07 Dec 2022 18:09:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
pagead2.googlesyndication.com/bg/ Frame D22A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16040
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 22:44:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 913D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vivanews.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
90778
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 16:56:53 GMT
expires
Wed, 06 Dec 2023 16:56:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F595
783 B
739 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3db431c3a9217c58b86c78ef1c9fcf7f44e35d599350e9d027ec28454a7c32e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nRrzfpaHBQG1Aza1s9UnOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vivanews.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-nRrzfpaHBQG1Aza1s9UnOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:51 GMT
expires
Wed, 07 Dec 2022 18:09:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2320
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=4157502748526341&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame F595
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3150185086976909&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
pagead2.googlesyndication.com/bg/ Frame 913D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16040
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 22:44:33 GMT
generate_204
tpc.googlesyndication.com/ Frame D22A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?K4VPxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 913D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?blUTwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E0A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXLw1QEivRc6jGU5A_h9Z4DK417TJ0xxbr9qEuFAMlE4-AEkukKyd8nEmPy7LFl_b9zGndt0oxtIip1SdXMFtrxC9ezSNPII74v629rg4pdBtw2JIL&sig=Cg0ArKJSzA1Ncp9gIfjPEAE&id=lidar2&mcvt=1000&p=60,315,310,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1665673251&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670436590487&rpt=522&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E0A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=4157502748526341&bg=!pqWlpeHNAAa7eOFIm3g7ACkAdvg8WmILPEpVjq4WKNVPm37TrhcpoMdmxeyCTNND6N-4Shhs_C8IewIAAADSUgAAAARoAQeZAunxZS4eG1ETMQMuginp6mYHgeYdBrFWH8Vfe8QHxOZRA_cIHL0-SjXtIYAK5wn5m9bL6pQ2UmO-OT9eRlhHQaged1LrEsevYeAa3vcLVcQyAsZVoh2t9U19ewcMXTiJzBpJIx6GDQt3g79jkKEhAGjsZBiD8C3DKWIMY6dSNKnW3pFwbq_3PMKToaunlDRxs0FGz75_p4ZUsbUupvGs-ZnIwF2xXkdMempg0yVTFG3CV6ELM4Tw4v9W1nZPZnnHjUJ52B5zuIa6jw3sGQn1LfTLfUrjEiKsA18UuR1QNQlaaiA36cVDL0HRy7MpLUmDdjn44J584qlyLD03y6QXRtwbUUo-h4Rkxe9wC22PKoJ3abRURwnXVHCmab2ZPr4JzjXQipFdoAaov04uxpMLJWz9Ci7zyk3Swo2SmvuzUrkponSvEPEej33rFX8_TQFtovAy6WvZxA0me9x8Bbu4uEhQeaCqBpeFAkXZ1FdTtC3tY4ul7wfAHAg7xUluWdas5qoKrHeVZUeO13nVrxIcuYtiK49wQZAojjfodyScqD_Uz4pXfpiqRNv-0_MGr2MYe5YFC53txHtEtATKU7accxe3nTs0LiB2NBpvHxUCVVNmIrdMGQxf_yDDC7oq06VJ80hzBB3od5Yh2dQVcyPUp0JPLzt_O7FNy6aU4mNerD1BgTjSxqcG8m-h1xpTDdjG7DHUfevoPGH9J3wbwxi7h3Kl06xG_Ddep6PZYkb7vpYifMJcnyAqqv2ElTjQIVxs9ZFv0ME5rRccl63hU8aibrhR-vs9rvlQRluPF_gHRcoX36olzfM9TO17Kx2f3yXGef5rTrHy8gs-Y4POmnAfLBM4WwOjS-NJGLXNbN774wV9yUQDbj6cZphGDKUmSgSLl6W_ck6Bppn-pX1NsZe_CC8m0LhYD02fURIZMYwT3kJ_vp5gouxCYhkdxf220tmYgkKQ1b_4vxbrTIOfiVXDmq6ifjFSa6UtYJLM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3150185086976909&bg=!BgWlBUHNAAa7eOFIm3g7ACkAdvg8WpP2aCbPLDHHe4x-iIcNO_xUJLYxGzdbgwwHlAOuT0JRdOwWTQIAAACZUgAAAANoAQcKAFCVCPWRuCXzlefbGQlUrUsKtt7QIK3i_gfUm_2iMlo-JD1809PKseWZtl8Dl_UK6gBOB89JCBoVxUK0Ix1bh9ue9ainbIf-I7NiJM3KM2rnNpkCp5UxCG9Rkg7wb65-fFM-8MHQS_vZZUcZ24lCWhb2TzPuwWEyIFKbC9mDXH2D_Mc4pFu5MzG_uPIYBl3NKUQ71-VoJADc08E19Gtmclz6_l32yhXBiLOiuRaDTC4i9s89cP_tUuIfACgZK5r9GrMosN0NmPXCUYzAR6wCBF-ahD-X7dZN3cMbubDz2uGLKxAWC7DXQy1wI2fsg4hLDxEGK-R85e7I0O2BWNaIzUg0rPqamQxEqhaTmLq6r9zWBfnDtNEEV4l3xfyV_4prrIAjlvNdRjP_5smJH1EpTYFP1tldymoVYxkfhidq2jVECj1cAhJ4T2cZHWOPkK1ITZmuZGuUX8UIpE9AWH5z3_WH7rhqM5gZ-WGE3qRGfnZXDpMWw0cdi33-5iJ-HE90o6ArJ0rFS4bMdTR0ofg0JQM3JyIWn3AeIYkeE1IG2_-lBjXOqomPUt37q09p8KxvqiNBrz1hpUKum4_q4f7JL5c0P9aTkwmEX7v_KSESQXRXI_RVXfcwRNwFHXFdl7dF89SE8lGSYWGBwFYoX8KykRUZsui9matBezYeCm5t0yVp9Hc1CQOTu-gnP68iLKW_ALFrMDAxoQkRihytmpWHqDYAuiw6Csyj0Dnz2gMvD9GzwK5dvKMYdxTobbuEdUmeP2cBhkJKKybGuL_KsYi4CjBFzgRcr_TvBg0EOi1L4St4EZ5s9hYpcYmVBBrsSQJQnYA-j7m0bGxJENRsqmLKzM8jtNnrfDtY333ct0sw4v5nejy7w8AP0qfa3MhXZ5R1itdsvmUJ3B8OzP6QJXMrnTevAG-2krph9iJwgyxWNDqctV2xDOiHhcpVsbTgfqOKu8rO3mc_26_ATGh3nUerMQifherOL02QGq_8ghXrsgsIOAOqmjmXDr2vlwY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vivanews.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 6782
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DloRhXxxakEgIg7LOKWrPslnKW2j_9v024UTpeplkvTxRzacSev43qYpDwL5jXtdX_nYpWXbWlqZmFygdCZkPxpzM0WZ8m3O8OuK03_Ees73HLb-4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6782
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 00:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6782
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
61443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 01:05:49 GMT
l
www.google.com/ads/measurement/ Frame 6782
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZxJ0XdTAQNxzZaLvnzic5NxHb7GcRE0S-242m06Hn1JuJBx7Wj8xsgJ8NeKi3IGR6Ck_yvH_Isc2lYup1zsRztzJdkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6782
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 18:09:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 6782
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
61443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 01:05:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 31A7
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6782
123 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmJAgAp-p4PQ2bEdfrwPzjqhADgmUUVH_oyrTSElvHVpBUGFnxHCFI_EtS1iG2NbZI1UKBNvr9KEzPyhOYmobh7RVx3N1nf5SwY5M0BDmPEuSnsFUnyJnxU0LaFjtT3SahUnqw5HecI3mmClgVUnPasZTKOakhs9Nn4rLfeoTJHSsA9yg&dbm_d=AKAmf-CpRDh2J_mIPa1wUZzCgRKQXT6xME5U_zopcdaEqq0BtTB3TFC5_1TUf93Kw1HJdsSWi1PIUrCtVpebL-LhlNlXtA5R4mCy1SOCIp8tUJtciKTz1Fokdu_ja5wCdF2HMrBhmtJv8IIuwhdYamdOyFDC9_E8Fi068SSMDx094o5ZwBKzEtyla209Jz3zjt7jU4pdr9BXE-8sprw7UlAla6rPg1W1aZr2YtyPhoSLrlOtvCbM58-u5Hxqa2KkXgXnKsS4uZicHsRJSTN5hlksuw8VhNUgFzRdGe6Bc5842CFwgLls8GCnVsvQ7gaeeULkbF3zwwEtDCF6dMC3x1rJ39lJvf7EBYChi8c6QNmTYXQv7iWc3pUp8N9jbVZX12ADxq-Rc6OZVkgOAt4_fZEXaP3HQSrEOFP3W6a-pkqrQalDLS3oeVryg3lWIFhsm9SHhCWP9yx1as-fPt4AbWcQ0vuyVUA-NTE61cHuIfAA4TGzHFw4aLsG7GVqdSnhuBEgkx7hUhtXmy1P3-wCP8u-4yCut4G_cul9dms8KVm52jX7cX75INlcmJ3oWombsEB_hb9EWczoJR30Vex3TDtimxl3sTQFTzwtuIZM-admikEQy3OSWiD4C11MLp5UUGR5Giquj6IlE2oAep3UGyXOo4B3Szh77gg9kbYzJ9rmPQHxXT5WLgttmLP5H1PHY_CxyPV5noi1GaYR-SQEerG0pd1EL4RM-c6-3HTbfcTGems1iGslo7YC4FsRzf0LMCp9Q3qfHQVyIlxnbvZ3nemEzbci-Q7skBK1_u6bLmzDjElVOGca2Bk899yLoxA_YwNUwxzzmAHRdP_cxezt7zJ7ZsBFjTDobx3iMCJFMFN74A48ozz4GeoUjvwlFaJYY4FPQFGsuKz5WZEwK1rwP7_P1ZoBBSufBjeebiDmgrBS592CHu7EmFEhyP9O1PejF4tX1hYdKHzSksNPreXTBZU8AaadUiPa_mvX2U7ay0fpYdJn68h16F4KR3BMiAh06ZJuEFyHyEeIJVP3l65uwwuXpamHCAWRgS8YNpShmfAubkuDlHLNAsqnM3uO3XVxCVDqnfj7Ksnx5u4NeIrxEZh121VzvRLukgwZ-F1Lam8m3nm3SvBzcT2abMxU0wKG45mJEDxfHrNVAKL7rRS9mWQJFX8I9g_QDFfx1gp6zoaNJ06kK3yYJPTp-MjdHz7NAeznm4B2I0E9LUUBYH72WQ1zyyrDuKC0w7g-0anSlZ1o6LxmHcfmNJPnMJCGwrEW1SuwVO-RusXfie-FzVWeKga59kDxQ-ZtcVeyAN3s9-HMgkuHbXShMMWjpvL3lcpmPtdlXakShFbUhwpRHHyb8YcV0FzGN7zGCGJz8b_1MKPHUzTQo9e0ocLThzzhovUedMsncB4ePX_SIYyWNh-e4-UogzYsyxNAiaaLMSkAgQbN2Qfc6KSZIw0B8mNMyo_3FoJiq_6Ck5ogvTO1NNzSUOX-QV3dF7weBtaVuc9OjBML0_I_Pe_LFCpsL0E24xnNg4iSyUb23PXEa5-Ta_d1RON1k9Z59Y9ecZ2G0U-gK2FZ_bVPC68m8VdDe2b0lUNnRCugIy1dhAJiMW-73tQLdpJH8ZnHtXobkY1Uk0FiLnXCmKydOlAWKe9erbj5hoK3L57QOD9bH33xM_k4fV6rquCqnUIj6Wrd_uEGZRHMzDGdEEf4w2eTp4Ue3h40W2DOt6mTReJWiG36fLYIHNVIF_GIqksAjVtcdzufQ0aQPOx1MseGpEkGCKzOJUnPjx2sTXNJcN77Dv818F6jCP-LN_NFMlSAXNrM5UWqVg8wIi2QwIK3zWK0q-2gEA-FKMgauME0LhIW_ERcbnNUcyuxOZDr5UC7ZyGy_qAgfqa0ZfiAyfB5WJTFOA3fPvInwru17xY_yOgCFG5bpWtQmd_FOdXcSWqAItsC5_No0PUfuBxqEbZCsY7Tnq9VpDOkoYiUgTOcnzurHujhN7W-4SJJkJ6BffwxjvEBzaJwO_wgLBRKQn-NWdOUHqDGoPP9FPvMICGqtogXIHbIP0AdDaoLXQ0t04t0t_lyjTbYvCsvB0_aCak-MUfg4GEj6_bORfCXKQlwXzyMKZT_CuSi3eem_eAFBCo3iK29XaHSI389pUcergIgNN6oMXy98OVwDV8QkZE24MrPMJENXtQ2TB7u8FgnELPs-ufS1peRDMWFGZRqrKODSegjkNMTwtfrP_ImGSBZ1etuCS-Is6Wx4d2LJPIZqW-bxiJKWHetQbVf5kC_a8YagZ_l2Q1m5Y5bOW_yUBmdxi1j-kFeV1_-3V0PiM1rn7ambWhVU5ZztTjPi8XmpMLhLHUXqfctfFTl09O-5pU8FcXhcRiqY5pjdvuP36AZ3OSGsI_HMtPMGLFi8iDWuuy-SFtiR3hkIa73kJOJguxw3JgghViRMNQjSPU1DyVuxnn42pZbddtVOrO-gzHtg1K8kfhv9aO_-NRQJcayU1ui1OJyGZJ_UZClknF7xUswjPIAEqnzkiD0mu9tLHrJEEGkyKRae0C0yGu9rceez9lK4BZR89BMN-s18PkpS7fFOwL6Ij2CZLaSYl5E-8zALstsc2S9psQTeKYeDZVOEeMAwSjjkx_GXwxXgFEUJDxxKN-4JFFWIco7dqu0cyMq1wJRTvy_JbSdP9evMfRhcGYwWqMWuZeqygHRqeTZWYAXl1FMHepAVLvYdywkmPMaDSLFQhdossgIR-f1O9Y1Oq6E6x2a5yeCKiNKtUxyk8yp2hdUyX3923LUEXEjAHG2zHL26cGzFJTPLuSLftuhFJJIYYNz8MTWqfVlZhE_LRMq0z-5INYv80CdRylcDb3tTxk9qSp1oKdNmH1sGWD_bRJTmQVQLLPgjXdsdTfSTR2EIcIFXqhtEpv2OrusDOGGtVTXK_x29WN-QhO_-X4LAwuyoOvzWhhTnmFy6oyP5rw3rGSTZPCo1kxRsxE2RgmrrvAezhtWYN2rC6Wvdbf7hKBh1rCQ26VGH4HHBt02iqAyHAkMJgQiZBIl1nLWyvgXWvEenKwXupSpiSn6XlU-9DUUcwBIzM-4p_LtD-LJifb2wFbZQv7Z7cy1LALE6Tb2s1UC1D3Y-9LtV-AJiHmo1s82E_wCk5saVjYHyBJm6Uv7XE6v8GBCMSIwaWjRLjDHmldou0ugsQbBSmW0kNPEDifIBLuT3NaPELJ38ZiqufACRWN9K2xtm980h6J1y0_lWV7jdEklDu4&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&rfl=2%2Chttps%253A%252F%252Fvivanews.asia%242%2Chttps%253A%252F%252F5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92e7b397cdc4be8a86f2b4410316bc67fdf345c4d4282a433e4ba990eae3b749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35697
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 31A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 18:09:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 18:09:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 31A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5DW8LNfJW9dzBIaockglwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 18:09:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGn63Gq8lRw6Fo0U70SdvSA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 31A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol
HTTP/1.1
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 18:09:52 GMT
AN-X-Request-Uuid
131ec01c-5cfc-442d-aa64-86012ae6932d
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Rzo7fnSdVfzXA--Etyt8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYi5v42QEwAQ&v=APEucNXDe_3VxTZlO3QMq9m6wAiOpHEIQLLLGAiZ6WikudEBpegE5wl96Tgq54o_XKRfz3eURbxjExJ_8aQUt_G-FqCE7Z-nOQ
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 18:09:52 GMT
AN-X-Request-Uuid
cd8556f3-1c02-452d-8039-cc534174c95c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2Nzg5NDgzNDQzNjQ4ODU3OA%3D%3D
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6782
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Dec 2022 20:20:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 6782
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmJAgAp-p4PQ2bEdfrwPzjqhADgmUUVH_oyrTSElvHVpBUGFnxHCFI_EtS1iG2NbZI1UKBNvr9KEzPyhOYmobh7RVx3N1nf5SwY5M0BDmPEuSnsFUnyJnxU0LaFjtT3SahUnqw5HecI3mmClgVUnPasZTKOakhs9Nn4rLfeoTJHSsA9yg&dbm_d=AKAmf-CpRDh2J_mIPa1wUZzCgRKQXT6xME5U_zopcdaEqq0BtTB3TFC5_1TUf93Kw1HJdsSWi1PIUrCtVpebL-LhlNlXtA5R4mCy1SOCIp8tUJtciKTz1Fokdu_ja5wCdF2HMrBhmtJv8IIuwhdYamdOyFDC9_E8Fi068SSMDx094o5ZwBKzEtyla209Jz3zjt7jU4pdr9BXE-8sprw7UlAla6rPg1W1aZr2YtyPhoSLrlOtvCbM58-u5Hxqa2KkXgXnKsS4uZicHsRJSTN5hlksuw8VhNUgFzRdGe6Bc5842CFwgLls8GCnVsvQ7gaeeULkbF3zwwEtDCF6dMC3x1rJ39lJvf7EBYChi8c6QNmTYXQv7iWc3pUp8N9jbVZX12ADxq-Rc6OZVkgOAt4_fZEXaP3HQSrEOFP3W6a-pkqrQalDLS3oeVryg3lWIFhsm9SHhCWP9yx1as-fPt4AbWcQ0vuyVUA-NTE61cHuIfAA4TGzHFw4aLsG7GVqdSnhuBEgkx7hUhtXmy1P3-wCP8u-4yCut4G_cul9dms8KVm52jX7cX75INlcmJ3oWombsEB_hb9EWczoJR30Vex3TDtimxl3sTQFTzwtuIZM-admikEQy3OSWiD4C11MLp5UUGR5Giquj6IlE2oAep3UGyXOo4B3Szh77gg9kbYzJ9rmPQHxXT5WLgttmLP5H1PHY_CxyPV5noi1GaYR-SQEerG0pd1EL4RM-c6-3HTbfcTGems1iGslo7YC4FsRzf0LMCp9Q3qfHQVyIlxnbvZ3nemEzbci-Q7skBK1_u6bLmzDjElVOGca2Bk899yLoxA_YwNUwxzzmAHRdP_cxezt7zJ7ZsBFjTDobx3iMCJFMFN74A48ozz4GeoUjvwlFaJYY4FPQFGsuKz5WZEwK1rwP7_P1ZoBBSufBjeebiDmgrBS592CHu7EmFEhyP9O1PejF4tX1hYdKHzSksNPreXTBZU8AaadUiPa_mvX2U7ay0fpYdJn68h16F4KR3BMiAh06ZJuEFyHyEeIJVP3l65uwwuXpamHCAWRgS8YNpShmfAubkuDlHLNAsqnM3uO3XVxCVDqnfj7Ksnx5u4NeIrxEZh121VzvRLukgwZ-F1Lam8m3nm3SvBzcT2abMxU0wKG45mJEDxfHrNVAKL7rRS9mWQJFX8I9g_QDFfx1gp6zoaNJ06kK3yYJPTp-MjdHz7NAeznm4B2I0E9LUUBYH72WQ1zyyrDuKC0w7g-0anSlZ1o6LxmHcfmNJPnMJCGwrEW1SuwVO-RusXfie-FzVWeKga59kDxQ-ZtcVeyAN3s9-HMgkuHbXShMMWjpvL3lcpmPtdlXakShFbUhwpRHHyb8YcV0FzGN7zGCGJz8b_1MKPHUzTQo9e0ocLThzzhovUedMsncB4ePX_SIYyWNh-e4-UogzYsyxNAiaaLMSkAgQbN2Qfc6KSZIw0B8mNMyo_3FoJiq_6Ck5ogvTO1NNzSUOX-QV3dF7weBtaVuc9OjBML0_I_Pe_LFCpsL0E24xnNg4iSyUb23PXEa5-Ta_d1RON1k9Z59Y9ecZ2G0U-gK2FZ_bVPC68m8VdDe2b0lUNnRCugIy1dhAJiMW-73tQLdpJH8ZnHtXobkY1Uk0FiLnXCmKydOlAWKe9erbj5hoK3L57QOD9bH33xM_k4fV6rquCqnUIj6Wrd_uEGZRHMzDGdEEf4w2eTp4Ue3h40W2DOt6mTReJWiG36fLYIHNVIF_GIqksAjVtcdzufQ0aQPOx1MseGpEkGCKzOJUnPjx2sTXNJcN77Dv818F6jCP-LN_NFMlSAXNrM5UWqVg8wIi2QwIK3zWK0q-2gEA-FKMgauME0LhIW_ERcbnNUcyuxOZDr5UC7ZyGy_qAgfqa0ZfiAyfB5WJTFOA3fPvInwru17xY_yOgCFG5bpWtQmd_FOdXcSWqAItsC5_No0PUfuBxqEbZCsY7Tnq9VpDOkoYiUgTOcnzurHujhN7W-4SJJkJ6BffwxjvEBzaJwO_wgLBRKQn-NWdOUHqDGoPP9FPvMICGqtogXIHbIP0AdDaoLXQ0t04t0t_lyjTbYvCsvB0_aCak-MUfg4GEj6_bORfCXKQlwXzyMKZT_CuSi3eem_eAFBCo3iK29XaHSI389pUcergIgNN6oMXy98OVwDV8QkZE24MrPMJENXtQ2TB7u8FgnELPs-ufS1peRDMWFGZRqrKODSegjkNMTwtfrP_ImGSBZ1etuCS-Is6Wx4d2LJPIZqW-bxiJKWHetQbVf5kC_a8YagZ_l2Q1m5Y5bOW_yUBmdxi1j-kFeV1_-3V0PiM1rn7ambWhVU5ZztTjPi8XmpMLhLHUXqfctfFTl09O-5pU8FcXhcRiqY5pjdvuP36AZ3OSGsI_HMtPMGLFi8iDWuuy-SFtiR3hkIa73kJOJguxw3JgghViRMNQjSPU1DyVuxnn42pZbddtVOrO-gzHtg1K8kfhv9aO_-NRQJcayU1ui1OJyGZJ_UZClknF7xUswjPIAEqnzkiD0mu9tLHrJEEGkyKRae0C0yGu9rceez9lK4BZR89BMN-s18PkpS7fFOwL6Ij2CZLaSYl5E-8zALstsc2S9psQTeKYeDZVOEeMAwSjjkx_GXwxXgFEUJDxxKN-4JFFWIco7dqu0cyMq1wJRTvy_JbSdP9evMfRhcGYwWqMWuZeqygHRqeTZWYAXl1FMHepAVLvYdywkmPMaDSLFQhdossgIR-f1O9Y1Oq6E6x2a5yeCKiNKtUxyk8yp2hdUyX3923LUEXEjAHG2zHL26cGzFJTPLuSLftuhFJJIYYNz8MTWqfVlZhE_LRMq0z-5INYv80CdRylcDb3tTxk9qSp1oKdNmH1sGWD_bRJTmQVQLLPgjXdsdTfSTR2EIcIFXqhtEpv2OrusDOGGtVTXK_x29WN-QhO_-X4LAwuyoOvzWhhTnmFy6oyP5rw3rGSTZPCo1kxRsxE2RgmrrvAezhtWYN2rC6Wvdbf7hKBh1rCQ26VGH4HHBt02iqAyHAkMJgQiZBIl1nLWyvgXWvEenKwXupSpiSn6XlU-9DUUcwBIzM-4p_LtD-LJifb2wFbZQv7Z7cy1LALE6Tb2s1UC1D3Y-9LtV-AJiHmo1s82E_wCk5saVjYHyBJm6Uv7XE6v8GBCMSIwaWjRLjDHmldou0ugsQbBSmW0kNPEDifIBLuT3NaPELJ38ZiqufACRWN9K2xtm980h6J1y0_lWV7jdEklDu4&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&rfl=2%2Chttps%253A%252F%252Fvivanews.asia%242%2Chttps%253A%252F%252F5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 18:07:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 6782
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmJAgAp-p4PQ2bEdfrwPzjqhADgmUUVH_oyrTSElvHVpBUGFnxHCFI_EtS1iG2NbZI1UKBNvr9KEzPyhOYmobh7RVx3N1nf5SwY5M0BDmPEuSnsFUnyJnxU0LaFjtT3SahUnqw5HecI3mmClgVUnPasZTKOakhs9Nn4rLfeoTJHSsA9yg&dbm_d=AKAmf-CpRDh2J_mIPa1wUZzCgRKQXT6xME5U_zopcdaEqq0BtTB3TFC5_1TUf93Kw1HJdsSWi1PIUrCtVpebL-LhlNlXtA5R4mCy1SOCIp8tUJtciKTz1Fokdu_ja5wCdF2HMrBhmtJv8IIuwhdYamdOyFDC9_E8Fi068SSMDx094o5ZwBKzEtyla209Jz3zjt7jU4pdr9BXE-8sprw7UlAla6rPg1W1aZr2YtyPhoSLrlOtvCbM58-u5Hxqa2KkXgXnKsS4uZicHsRJSTN5hlksuw8VhNUgFzRdGe6Bc5842CFwgLls8GCnVsvQ7gaeeULkbF3zwwEtDCF6dMC3x1rJ39lJvf7EBYChi8c6QNmTYXQv7iWc3pUp8N9jbVZX12ADxq-Rc6OZVkgOAt4_fZEXaP3HQSrEOFP3W6a-pkqrQalDLS3oeVryg3lWIFhsm9SHhCWP9yx1as-fPt4AbWcQ0vuyVUA-NTE61cHuIfAA4TGzHFw4aLsG7GVqdSnhuBEgkx7hUhtXmy1P3-wCP8u-4yCut4G_cul9dms8KVm52jX7cX75INlcmJ3oWombsEB_hb9EWczoJR30Vex3TDtimxl3sTQFTzwtuIZM-admikEQy3OSWiD4C11MLp5UUGR5Giquj6IlE2oAep3UGyXOo4B3Szh77gg9kbYzJ9rmPQHxXT5WLgttmLP5H1PHY_CxyPV5noi1GaYR-SQEerG0pd1EL4RM-c6-3HTbfcTGems1iGslo7YC4FsRzf0LMCp9Q3qfHQVyIlxnbvZ3nemEzbci-Q7skBK1_u6bLmzDjElVOGca2Bk899yLoxA_YwNUwxzzmAHRdP_cxezt7zJ7ZsBFjTDobx3iMCJFMFN74A48ozz4GeoUjvwlFaJYY4FPQFGsuKz5WZEwK1rwP7_P1ZoBBSufBjeebiDmgrBS592CHu7EmFEhyP9O1PejF4tX1hYdKHzSksNPreXTBZU8AaadUiPa_mvX2U7ay0fpYdJn68h16F4KR3BMiAh06ZJuEFyHyEeIJVP3l65uwwuXpamHCAWRgS8YNpShmfAubkuDlHLNAsqnM3uO3XVxCVDqnfj7Ksnx5u4NeIrxEZh121VzvRLukgwZ-F1Lam8m3nm3SvBzcT2abMxU0wKG45mJEDxfHrNVAKL7rRS9mWQJFX8I9g_QDFfx1gp6zoaNJ06kK3yYJPTp-MjdHz7NAeznm4B2I0E9LUUBYH72WQ1zyyrDuKC0w7g-0anSlZ1o6LxmHcfmNJPnMJCGwrEW1SuwVO-RusXfie-FzVWeKga59kDxQ-ZtcVeyAN3s9-HMgkuHbXShMMWjpvL3lcpmPtdlXakShFbUhwpRHHyb8YcV0FzGN7zGCGJz8b_1MKPHUzTQo9e0ocLThzzhovUedMsncB4ePX_SIYyWNh-e4-UogzYsyxNAiaaLMSkAgQbN2Qfc6KSZIw0B8mNMyo_3FoJiq_6Ck5ogvTO1NNzSUOX-QV3dF7weBtaVuc9OjBML0_I_Pe_LFCpsL0E24xnNg4iSyUb23PXEa5-Ta_d1RON1k9Z59Y9ecZ2G0U-gK2FZ_bVPC68m8VdDe2b0lUNnRCugIy1dhAJiMW-73tQLdpJH8ZnHtXobkY1Uk0FiLnXCmKydOlAWKe9erbj5hoK3L57QOD9bH33xM_k4fV6rquCqnUIj6Wrd_uEGZRHMzDGdEEf4w2eTp4Ue3h40W2DOt6mTReJWiG36fLYIHNVIF_GIqksAjVtcdzufQ0aQPOx1MseGpEkGCKzOJUnPjx2sTXNJcN77Dv818F6jCP-LN_NFMlSAXNrM5UWqVg8wIi2QwIK3zWK0q-2gEA-FKMgauME0LhIW_ERcbnNUcyuxOZDr5UC7ZyGy_qAgfqa0ZfiAyfB5WJTFOA3fPvInwru17xY_yOgCFG5bpWtQmd_FOdXcSWqAItsC5_No0PUfuBxqEbZCsY7Tnq9VpDOkoYiUgTOcnzurHujhN7W-4SJJkJ6BffwxjvEBzaJwO_wgLBRKQn-NWdOUHqDGoPP9FPvMICGqtogXIHbIP0AdDaoLXQ0t04t0t_lyjTbYvCsvB0_aCak-MUfg4GEj6_bORfCXKQlwXzyMKZT_CuSi3eem_eAFBCo3iK29XaHSI389pUcergIgNN6oMXy98OVwDV8QkZE24MrPMJENXtQ2TB7u8FgnELPs-ufS1peRDMWFGZRqrKODSegjkNMTwtfrP_ImGSBZ1etuCS-Is6Wx4d2LJPIZqW-bxiJKWHetQbVf5kC_a8YagZ_l2Q1m5Y5bOW_yUBmdxi1j-kFeV1_-3V0PiM1rn7ambWhVU5ZztTjPi8XmpMLhLHUXqfctfFTl09O-5pU8FcXhcRiqY5pjdvuP36AZ3OSGsI_HMtPMGLFi8iDWuuy-SFtiR3hkIa73kJOJguxw3JgghViRMNQjSPU1DyVuxnn42pZbddtVOrO-gzHtg1K8kfhv9aO_-NRQJcayU1ui1OJyGZJ_UZClknF7xUswjPIAEqnzkiD0mu9tLHrJEEGkyKRae0C0yGu9rceez9lK4BZR89BMN-s18PkpS7fFOwL6Ij2CZLaSYl5E-8zALstsc2S9psQTeKYeDZVOEeMAwSjjkx_GXwxXgFEUJDxxKN-4JFFWIco7dqu0cyMq1wJRTvy_JbSdP9evMfRhcGYwWqMWuZeqygHRqeTZWYAXl1FMHepAVLvYdywkmPMaDSLFQhdossgIR-f1O9Y1Oq6E6x2a5yeCKiNKtUxyk8yp2hdUyX3923LUEXEjAHG2zHL26cGzFJTPLuSLftuhFJJIYYNz8MTWqfVlZhE_LRMq0z-5INYv80CdRylcDb3tTxk9qSp1oKdNmH1sGWD_bRJTmQVQLLPgjXdsdTfSTR2EIcIFXqhtEpv2OrusDOGGtVTXK_x29WN-QhO_-X4LAwuyoOvzWhhTnmFy6oyP5rw3rGSTZPCo1kxRsxE2RgmrrvAezhtWYN2rC6Wvdbf7hKBh1rCQ26VGH4HHBt02iqAyHAkMJgQiZBIl1nLWyvgXWvEenKwXupSpiSn6XlU-9DUUcwBIzM-4p_LtD-LJifb2wFbZQv7Z7cy1LALE6Tb2s1UC1D3Y-9LtV-AJiHmo1s82E_wCk5saVjYHyBJm6Uv7XE6v8GBCMSIwaWjRLjDHmldou0ugsQbBSmW0kNPEDifIBLuT3NaPELJ38ZiqufACRWN9K2xtm980h6J1y0_lWV7jdEklDu4&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&rfl=2%2Chttps%253A%252F%252Fvivanews.asia%242%2Chttps%253A%252F%252F5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 18:07:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6782
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 05:44:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B0EA
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
81185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:36:47 GMT
etag
48472445140208031
expires
Wed, 07 Dec 2022 19:36:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6782
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeab465952d969dc17e27078f7dfc23f12cb3c36c1031789bf82857898577de5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BCBD
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
131117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:44:35 GMT
expires
Wed, 06 Dec 2023 05:44:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame B0EA
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGJCvC1YXfRczNkCYL_pE84&google_cver=1&google_push=ASkJ3Fb2lDkoG0ShQQPu1BnlvGgcmBoL0pvgsj46DgrBL7SZaT2eYHG_ehX7oAKw53U-eryhgr8qDDRlXYM8q0TtWAq_0WgQtV8iTLFpJsGtZ0PDU6YfScFJA40jmdJEkLVJXXcDuZ_jiexSe8b29yNWkHo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfX...
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=7884000; includeSubDomains
via
HTTP/2.0 odnd
date
Wed, 07 Dec 2022 18:09:54 GMT
last-modified
Tue, 11 Oct 2022 18:05:06 GMT
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Wlz175q_hujWhxgu-QPDPU&tap=gAds&google_gid=CAESELKrf07Hud20azITLqw9-_k&google_cver=1&google_push=ASkJ3FZ9_hPwEj01w9cOsmbw-kgW2YwnUvgWmdOrKKpqW9sjO2ko177mc-9H81oSylX9EX5VI0vpqTx2IGhQPfXdnnaManJzqjoQ1U-RA0Z2arcAAEH2Cqw0eTNphv29BNiGN2tCu8FToD7YAsOOpjiXTvM
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-tb
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKH5IA4HJ-TWAmMex8ODvqI&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz3...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:52 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYACkeA360kZGQOC_zmRh38iueDfZEIgqSxmmcGrC4y9FTk8ywqPfvfPaviD8nFczWYrc9HbVfbtWyOmAU11X0urz37jUTtVVh2Fslyt0sSiwFKygmSAMgYbCUb25Da7OH5YOObjlWhCF0ieEczOw&google_hm=MTA1OTgzMDY5MzMxNjU2MzAzOTU
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjy4O3-MRraPzQcj8sBfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYBuAXGD2lOTU3XwiU6eVVDsfldPxAdNDwmI0UMaPHeLzjC-XKxE4vmysN_35r-3ASHAiiVDwDYvswoGbcjZWUABof9Cc7LnEab50wDL-gcu7sRXtCriVALOhSDZTKlQf8uNbHso6qNGKrb2eFZDQY
date
Wed, 07 Dec 2022 18:09:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZp750k3nqcrr6Eykq7GnE&google_cver=1&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJEWVRHOEUtMTMtSktTUg==&google_push=ASkJ3FbsS46_aXt2XoE6kB_1l9RGOQV3FQWeI7EElwzCFXrhzRzKXvxyNvofdBI7B0c-oiWzeTMSJLMx717kB25HlzxWAuP4wNYtwtMsFSu49bMcSQ84M2h-lHS9tT8ER04izeYUlQSI9ErK8mYFGfMiyEE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRl8kGuS0rZov4j0sWZfyQnEMU7eEJNHanM%2BDvB2BlT6zO5h95bxedW4ZaMvoEKyTZWY0kR%2FhjAhTRM7VSHvB9BW4psu67kSxZGVbpEs5OgzAf4QsjVbDP66MpEK5vvFz3icaE%2Fa5RMZTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKp_KWxQeL2u0o5egn0Acz8&google_hm=Y5DW8LNfJW9dzBIaockglwAADkwAAAIB&google_nid=index&google_push=ASkJ3FZhy_X8CqRUF8zMB5ytkyS2nliYFzpx8fuZut4pxdiPkQzzk5P9E825_ZyHY97xw8CO_VFViMUDJ2wTDLTdxaNQCpmAu3OF84DfRqpraAJfysMlXkFCESeJRGhqAXK1YK2TE2pq7JvuCaS1xgrBmQ
cache-control
no-cache
cf-ray
775f3701fee2a22e-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame B0EA
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKdV8SNYM2GnFvEKJ7frtGE&google_cver=1&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fa3Ctdyv77_lcDVYR_7HBwaGRodMprxGNHcG3WdFgBYkh7XTZjKUjkrm-g_C8bP2cCLXaTG9tmsgITEcuaogPNbNbr2nf1QG1ezbgSNoIWHe2YWeywIJKHQTYNVUmjKNdVZGN-8fuJiXjn0A6gjG8M&google_hm=81eab9a700dfa206c92cade84d7754ef
date
Wed, 07 Dec 2022 18:09:52 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame B0EA
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkLrvXxUoDLkW01o-p5nq5a8rJm1EhJtG54dAA_TlDG1S_q_16x0-xzgiQgEl7yRJLcWnn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
pagead2.googlesyndication.com/bg/ Frame BCBD
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16040
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 22:44:33 GMT
index.html
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
9 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79a0223f276a3bb23bb58d650e44594b39e0ba0d79581ce6385e478ef43d2ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1659
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 18:09:53 GMT
expires
Thu, 07 Dec 2023 18:09:53 GMT
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6782
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstd5gF1gmXlRf8ysvxZwxjGvQsCzT9pfQzXtnf0q687AhzHv1biU57fFO8QNSfhYJ8DKynWcQjheWcF2QnRKQB2SjGMk4oVX3-txlmyNKhWdXpkxczIDi9OtPBznAxuquprthP3gEYi5q3a4uq1Oi0UYnt6Qc8a1mXC0uqRpy13C5goR0fPct3lW6KWtSmNVg4ip0VOBmyB4m_6iHMupTQMwHpL4cY2XR05GDSNswft5L-YN-c_isrgHw9uGjjn71VNopux5-FVyOHnEdEJsCK-1OEYCTuZV9F8k0BDJTKi_m6pI_AVmf8I_56jPkJU3QV9th7RAl7x4npGxLCF4LTmXEfi7hVuFQnRf5zY28kuabuBrs9ZBpTjMmsH_-CIFzSYwy3QLjMt1Nyc5HE3RqWhKT5kVRvOW11ZHyelK7YfTU4dc2I5guCGOi_f-q0piPmUNfaTupMwNFcUMekdajgK0pH1i7_GKH-HSfp3b_ywJXKWk3QJYccC8A8LolbQe7mQ8edVCAMY1-Lerby9CIbAXS0hjI7VhJIH5WWFoDB2CZysZmdHBd947CIKEqbEVUM-6o2vuCtfqzrpaoSBpl8JBtw2Kg8FXNrA7Qzdpfkky7LHC4F14J6bhefbFTTm_zkeUFCQBXp8lfS5IRIXtgLHLFJ6f18Hwg-ODga9Ert8BuewGdQawQq68IdxqDd_kb9rTDsiO-Rh2eHYMwLrIVwE1z3dg1lwj2e0V1O_VGc-BZPWcY0hOYR3IN92__ODXIZm_tSL8AZAnl_J3TZsbl3h6Z--RX5AiZ2T8Z0Q6fcRw_YH0vIbcM3oa1HjrnVPQjOuGJkbIafGwveq9c9n4tV97X4Ch3sBWz_Gk93Q2k39Pa9OfYSqBNaf8UB9fWP3O9Bl7bmLwI9kp0rJYVSVFv_WzcztOxllTh1O-zOgKIRrLcXuKzHKpytMrHImtR61iwPuIMZZcd8XKHolbgOEOWs1qTOBJjvFWuBf26guN47XDWne7HCuXvabbl9kqL5IJn2ywxIyVk8QWnNWv8j2KONq89aUOCmpQIIpx6cYbzVMmU1fLX-HPnpWKBapbC3E_N_xTgRATEYHhuU7R0Rwb4xlFxD8F1V4jGQZdhS5bR6oSkJVc_2QfgiBjQaWpP_GCUsD03zHENr0QINXtjXFGNrX3P2WIzmGu6tef_8LOqfafqA5ss9iBNI49hLw_ExNh3CoYYhgh9oRJA&sai=AMfl-YSYIu-RYvT7xzDQBj1YhxHkh3qrJSLICeLwnWxxPsoSYMFQGt8K1uwA9m41qVnB556VGF2nSgZ3-j3vmmVdeMMs2-ouS1PvbMHSOM6OLiu1SqvIhEIk_eDHdHivKnfLiNqFnxE8dvsIOfT2m7wej5NXqh5CR_qfO3to3WIu1g_FY0DYFw6b5cwZzvvj8PPKuZXg6XeU93zHStDzd3E&sig=Cg0ArKJSzOr4x3byPYQKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=148&cisv=r20221206.03354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 18:09:53 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6470
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Dec 2022 20:20:50 GMT
gsap_3.8.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6470
62 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.8.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25068
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 20:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Dec 2022 18:09:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCBD
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPJin8NaQY-eKK5G__gS6wYmQCAAAAAA4AeAEAg&bg=!jo2ljcnNAAa7eOFIm3g7ACkAdvg8Woli722SHWHCIMNavulYDNF6DsF8AnkPSQjELJxXL0v5S7ejIAIAAABqUgAAAANoAQeZAwxOQ3yG2EKgFc6qhFP6ZeiqDOPkPNcx7OA2XdlAu36HADLHbHKlIHS0-SYcDjUGo1ophHSzrVOs8zBbVELN5T97-UMFjEf9p3_oJ2eaqupVDwU2C_X_tQgBMQDj4l01UtaOK0WUOYRpLR_Zz649cHr38sFSfZWHbXqZYAbBVxToMxKoFuNG7vvSPh9OguJWy0bAnVQoZnXW3AW1bwpuCSsgN-70id7croAI_FcXCYbvRUE71FSpbdlhGapptFEszmNKW591jmooxCCDW8vyg_7q3V17R_nwAp-E-68c_xHYY9K9Tab-CE7Ial3BnW8fkHMttS3oX4kgbWDkGz5J0oa-oCSJTZAjk13UFajLtir5QJfXqDetpMRXgfQK-ydLYhtaB4j8SfqktNLOuD6VJBCfiI9y4GnmPw2xTHhSJyZm_wLCTJm1dLsePZZ65Dj2HDr5ZqrwT4N1h8yNJkQdUeiygMFpuL2h07CvtK46dQb-t12pi6duGSqIqQWMnYu7sanHeiXtN5seANQEjnxyxO6YFB5kAsq8hTGIMHIucAY7nKdiqe00Xf4tXk8s4ghWQoJpPFNl0c2xSx3h3CLk0EIccfpRupE5KNvWtvFBgsXnMoc6qY1bwgslNrmkNgv_AwZeC42fJNE2ht2KdsC2qI2KvYbWrrps8jZh_NtkDpO0SwDnK7fmnIREsrSIjvfjxXVNSEb2HiPeaIn7DYxTLag3l8loah1rGc50rSwrHUaNTa99OyKjAyKPl3Q-iGCsA7f4Kfn0flcc-cMnWfIcC4DTnEZgq7x4j4gFiNbwxhKKrCDY_eE3DO6qD5fKvI623PR_JTX5qRZ9bMCWU2VHEIvaSSN6E1ZkgJrQMllBE2au-cwoNI3a08QmYwOO9M1PuAFcGWF_ATNvXE4DvPKEyQbipFaomFKiTtEdD7gtzCqCautaQinIw4tvlTUG9mbaP7GaQJAB87CsTUYOyAMhl6fM62wWbMfSad_HOw6BJsPXMGsPRYrXFrccqDrPu39QDejb8sqdA5ONLe3H0ec
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3173046730&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670436590778&bpp=2&bdt=244&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6802309372592&frm=24&ife=3&pv=1&ga_vid=186587116.1670436591&ga_sid=1670436591&ga_hid=1502866042&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3623698145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=4157502748526341&tmod=1347136777&uas=0&nvt=1&etu=ALEzveltYJkQJOiuicy-L0678qHkMlYftZUIoTdMAZhTkCCVYkBHkjR1wejrzdczwwbYYTyO8JSYOTw&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.82lxsd6kjy9j&fsb=1&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6782
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstd5gF1gmXlRf8ysvxZwxjGvQsCzT9pfQzXtnf0q687AhzHv1biU57fFO8QNSfhYJ8DKynWcQjheWcF2QnRKQB2SjGMk4oVX3-txlmyNKhWdXpkxczIDi9OtPBznAxuquprthP3gEYi5q3a4uq1Oi0UYnt6Qc8a1mXC0uqRpy13C5goR0fPct3lW6KWtSmNVg4ip0VOBmyB4m_6iHMupTQMwHpL4cY2XR05GDSNswft5L-YN-c_isrgHw9uGjjn71VNopux5-FVyOHnEdEJsCK-1OEYCTuZV9F8k0BDJTKi_m6pI_AVmf8I_56jPkJU3QV9th7RAl7x4npGxLCF4LTmXEfi7hVuFQnRf5zY28kuabuBrs9ZBpTjMmsH_-CIFzSYwy3QLjMt1Nyc5HE3RqWhKT5kVRvOW11ZHyelK7YfTU4dc2I5guCGOi_f-q0piPmUNfaTupMwNFcUMekdajgK0pH1i7_GKH-HSfp3b_ywJXKWk3QJYccC8A8LolbQe7mQ8edVCAMY1-Lerby9CIbAXS0hjI7VhJIH5WWFoDB2CZysZmdHBd947CIKEqbEVUM-6o2vuCtfqzrpaoSBpl8JBtw2Kg8FXNrA7Qzdpfkky7LHC4F14J6bhefbFTTm_zkeUFCQBXp8lfS5IRIXtgLHLFJ6f18Hwg-ODga9Ert8BuewGdQawQq68IdxqDd_kb9rTDsiO-Rh2eHYMwLrIVwE1z3dg1lwj2e0V1O_VGc-BZPWcY0hOYR3IN92__ODXIZm_tSL8AZAnl_J3TZsbl3h6Z--RX5AiZ2T8Z0Q6fcRw_YH0vIbcM3oa1HjrnVPQjOuGJkbIafGwveq9c9n4tV97X4Ch3sBWz_Gk93Q2k39Pa9OfYSqBNaf8UB9fWP3O9Bl7bmLwI9kp0rJYVSVFv_WzcztOxllTh1O-zOgKIRrLcXuKzHKpytMrHImtR61iwPuIMZZcd8XKHolbgOEOWs1qTOBJjvFWuBf26guN47XDWne7HCuXvabbl9kqL5IJn2ywxIyVk8QWnNWv8j2KONq89aUOCmpQIIpx6cYbzVMmU1fLX-HPnpWKBapbC3E_N_xTgRATEYHhuU7R0Rwb4xlFxD8F1V4jGQZdhS5bR6oSkJVc_2QfgiBjQaWpP_GCUsD03zHENr0QINXtjXFGNrX3P2WIzmGu6tef_8LOqfafqA5ss9iBNI49hLw_ExNh3CoYYhgh9oRJA&sai=AMfl-YSYIu-RYvT7xzDQBj1YhxHkh3qrJSLICeLwnWxxPsoSYMFQGt8K1uwA9m41qVnB556VGF2nSgZ3-j3vmmVdeMMs2-ouS1PvbMHSOM6OLiu1SqvIhEIk_eDHdHivKnfLiNqFnxE8dvsIOfT2m7wej5NXqh5CR_qfO3to3WIu1g_FY0DYFw6b5cwZzvvj8PPKuZXg6XeU93zHStDzd3E&sig=Cg0ArKJSzOr4x3byPYQKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&vt=11&dtpt=160&dett=3&cstd=148&cisv=r20221206.03354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: vivanews.asia
URL: https://vivanews.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 18:09:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6470
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40af0a250ffcc0f5f47cef6ed0cf5f6aae0588fec00c86206da151bf5baaedcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5499
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6470
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 18:09:53 GMT
o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
pagead2.googlesyndication.com/bg/ Frame F8DA
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16040
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 22:44:33 GMT
style.css
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
2 KB
737 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89041b78fae7a243a68f283ccf0c828aa64d89d6113d07e06e3807f3ce858724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43066
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
708
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 06:12:07 GMT
controller.js
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
7 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/controller.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9cf26fb7fe67d69ec053c454e57f13dec947dddaaf5a14a825ef0858c10a36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43066
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1437
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 06:12:07 GMT
feed.js
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
50 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/feed.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab938252d4d37310270a646622da9d766bcab60ed9678fbccd97a93f3972155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 07:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558292
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3044
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 07:05:01 GMT
60005477_20221121134335669_background001.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
191 KB
191 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134335669_background001.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e8cef99a1686a44b315f1fbecae1e706f8a44e68746251ee09f95a6f87e4653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:12:03 GMT
x-content-type-options
nosniff
age
39470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195889
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 21:43:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 07:12:03 GMT
60005477_20181022102532839_blank.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
977 B
1003 B
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20181022102532839_blank.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30d0d219dffc1e5f4e40e4562c48642d5038c73f6254b298c97676757046ddb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:26:49 GMT
x-content-type-options
nosniff
age
81784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
977
x-xss-protection
0
last-modified
Mon, 22 Oct 2018 17:25:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Dec 2022 19:26:49 GMT
60005477_20220318221944290_LogoWhite.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220318221944290_LogoWhite.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:48:29 GMT
x-content-type-options
nosniff
age
62484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3082
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 05:19:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 00:48:29 GMT
60005477_20221121134339768_background002.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
106 KB
106 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134339768_background002.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5321be6475b2b544941b66931eed2e7c440ca7c9b92fd2ce7f6266097734c9ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options
nosniff
age
39068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108314
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 21:43:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 07:18:45 GMT
60005477_20221121134343631_background003.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
154 KB
154 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134343631_background003.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e72112a6051ae770208c65845e6fd9ceea7c08776af855f3d47e3c174dda73f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options
nosniff
age
39068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157532
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 21:43:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 07:18:45 GMT
60005477_20221121134347718_background004.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
262 KB
262 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121134347718_background004.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb9af6c028f56887ee6c15f5a3e6ac18a934e76e22dfe77fdec66f4331cc9d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:18:45 GMT
x-content-type-options
nosniff
age
39068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
268329
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 21:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 07:18:45 GMT
60005477_20221121135655352_overlay005.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 6470
38 KB
38 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20221121135655352_overlay005.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
715045f3b9b5ad877852791610123019447efe2b8900139bb9ab763d18a4f2d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 05:20:32 GMT
x-content-type-options
nosniff
age
46161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38936
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 21:56:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Dec 2022 05:20:32 GMT
HyundaiSansText-Regular.woff2
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
54 KB
54 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/HyundaiSansText-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:12:08 GMT
x-content-type-options
nosniff
age
43065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55536
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 06:12:08 GMT
HyundaiSansHead-Medium.woff2
s0.2mdn.net/sadbundle/18167346992714350592/ Frame 6470
53 KB
53 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/18167346992714350592/HyundaiSansHead-Medium.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18167346992714350592/index.html?e=69&leftOffset=0&topOffset=0&c=z4H7tXRHLs&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:12:08 GMT
x-content-type-options
nosniff
age
43065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54212
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:18:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 06:12:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6782
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNDUkD_aHvKOptEjVB9u_-coO2FPsn__pWA-XlPIVeclqabc8D2fkrvW8OcINZ_-p8f8g3Hl0Wt0wNedULYOssZ1itDuWJp1v14wMaui9Q2Ysz8jWB-MlyVYS5-ttEWUkYGUc&sai=AMfl-YR_jM6MlDL4eUR66VQqbh9ZU4zHhrYYZK2tysQhg_05_cU1x8iQgZRAkdnT97wq2QlJmcGSWieaXpmyX284y8Zx7zTfE1MJQ9kYVg&sig=Cg0ArKJSzLzW3AMpU9BoEAE&cid=CAQSKQDq26N9H1H2ugAjLuesIIPNfObN0l0wj6DjMDt5dmMhTSJagsoAx1vyGAEgEw&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1207888702&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670436591052&rpt=2381&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 18:09:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| googletag object| infinite_scroll function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
vivanews.asia/ Name: PHPSESSID
Value: ehik80boqdoj4kvda7ck4oqma9
.vivanews.asia/ Name: __gads
Value: ID=3922dd0b94922559-2292ff71647f00d4:T=1670436590:S=ALNI_MZXaYgKY3then3Mgl3FvaOcsiyz5g
.vivanews.asia/ Name: __gpi
Value: UID=000009db1e7d505b:T=1670436590:RT=1670436590:S=ALNI_MZO6Ee7vTLz1zw3bbpdkgT05NGI1Q
.doubleclick.net/ Name: IDE
Value: AHWqTUl3uXPSNNU8N4iiP-ZbRcx-ukCQCuUjPSRJ9mNGLvJtgiLINf3C0nnT3JQfGw8
.adnxs.com/ Name: uuid2
Value: 7167894834436488578
.casalemedia.com/ Name: CMPS
Value: 3660
.casalemedia.com/ Name: CMPRO
Value: 3660
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In1K5$g8!@wnfH8K6pQK`!5=E<*L5?%M5.O0iM7Aw6K/vU2NdKSGi`E>.L9O$h<dkSLY*bpRz*qF1`*b`1r*9<Jv
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.mookie1.com/ Name: id
Value: 10598306933165630395
.mookie1.com/ Name: mdata
Value: 1|10598306933165630395|1670436592953
.mookie1.com/ Name: ov
Value: db6c3971aea4fdec4df759ee35724b8b
.adingo.jp/ Name: ID
Value: 81eab9a700dfa206c92cade84d7754ef
.quantserve.com/ Name: d
Value: EF8BCQHgJ4EA
.quantserve.com/ Name: mc
Value: 6390d6f0-f102d-63076-56af6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B23CB83B-7F8C-46B6-8FCD-0723F2C05F49
.casalemedia.com/ Name: CMID
Value: Y5DW8LNfJW9dzBIaockglwAA
.casalemedia.com/ Name: CMTS
Value: 3465

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5073147d591a5c1796ce61a004eaae71.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vivanews.asia
www.google.com
www.googletagservices.com
104.36.115.113
142.250.176.194
142.250.65.226
172.64.154.237
192.40.39.223
20.242.10.199
2607:f8b0:4006:806::200a
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2006
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2620:116:800b:21:c1e8:5385:5098:6bf0
35.190.90.30
45.76.76.61
52.73.27.182
68.67.160.186
69.173.151.100
01b56a47fe308931676251e54f09978ae3c113933585fb2b718e93d0617a49b4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
055acaa4ad04b13215cfd46fad9930e06a98bb333b445da13e90a0ef2ce26f89
06f67df6d5f61a5e5c5993071e2f11e4433439179c5e1072a280c38c341a2484
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08fee21e5d5837b83dfc57550ef625c8101383b797d041e00b2203c835953223
0b60d0d8d1c1bcc232106bc6891f433de3370a372b04df6d4c76fd334abeb868
0b6b927ed49b35cafb9649f4e46e95d5887b07f36a4b07b26f92dab06df1e3ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
104f4f425ec150d76ff783bea28bb49a1f5f743305189ea91f34d79f3d95b48e
1084ce3b01bdb94f9f33901c0d2ccc07ff6c29b77383ab9d7f035f98e8e418f4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17bfd84b7950ab91dec7b983a55bb24e4417bee3cfb3ec1434a4dd617df9e95f
17eebde91d71e72d303e72fc0e868edf07fad12a4b149e0a038b385027521df3
18a62be8995d31496185e6bb49cf98355734f8ecd29d0c87e79164b90fc0d306
1bab9fe22edab84e52bf1ed9adaf22e71e28d8963ff743691306f871a3ea119d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1ebfd680b72b9825db5e9905ddc7634583d547e4f8935b74c4c77464fadaa9a5
208811b594100e86eb5f1732277c45e426905bca9c94a05bc1fc63af88bb6d01
23d19ebfe50d8795a5e8415ae5a36bf81f00b6525d2de87406dd73448f03a742
24098ffd52c543cd93401f1b57100d207a92f4f203d3f6de73d9e21db52f6ebf
27ebb4b9fba54c26f207d200001889e4e123c0ad2dcd3ab05c2d8b0d6255521f
2805a9706647dc3f67f18c7ab7450ba356368fbd6438c315de89ab9eef123edd
292f38ab6aa1dc37e03e86f5e97b5949101902fd155abc76ce19f82b96201864
2d88ff141755a1244a45f4c81b8addb815b49eaabf3158d0492bdfc883b88245
30d0d219dffc1e5f4e40e4562c48642d5038c73f6254b298c97676757046ddb8
3123931d2096e41866151ecbb3e392c4078fc19902e226036fa837ab764d0a71
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32afc45d62308807fbf43cb70066e87de99e270ffc172031c71d8a8f01b2787d
3501a3ec0d024163ef992e0e5f87552d17569e23bcea1e69447f64179d614637
39a1a12523530085e8302e0e3cf71374bfc493b74a36369cb3f6eb640630eca9
39f99fad5216bf62dbe0b75f585d68d7bb464810534fdc777f0fade6eb18df87
3cb13fe352e70a3164b48c06d7f3351827d2ab1c49f6b8e5f459fb3e7bb3591d
3db431c3a9217c58b86c78ef1c9fcf7f44e35d599350e9d027ec28454a7c32e9
40af0a250ffcc0f5f47cef6ed0cf5f6aae0588fec00c86206da151bf5baaedcd
40b5ee037cd0cdbcedaa693bf1ada6374bc34230dc5dbb8c6554944e318dfa8e
443b42a7369c5d664b2743ecd813f175b7b927fa62fc21837d24c88603f964b6
45a5a7e1516d809fd5f1ce8f72237a8b4148aa46b8b055f22385e30bb6e67a42
45f01389f53d04bb01a647bdd8c45468ca3cdde76233f519729d9d1ff7a42e96
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a2bf31cb7fc5fa522dfb7e0b849d200c10f8f5a6df38ba892bd084f0b9f0562
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd4c275f007d9e466783a2fce6bde0c35f098135b8f5afb6deda1dda03c4fca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5321be6475b2b544941b66931eed2e7c440ca7c9b92fd2ce7f6266097734c9ac
54ac5cf40e7dac93d1bca06e700092b9ed760b43bed977769c117a4410e6f8b3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57366c2247050026db3ded157b31c233bc2d2d58dc363c56014b5fbd33b44704
58c3399ef6051a79ca1061c2369c75dfef8b53f9967755266e40f5a0b974b16a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ed7f70e7c632f089ed340524dec67ba19c429841264beaf2be345c2c27f8c53
5f15609dae773a4b3e3ff0893c694e0a728145bbc6be9fdd9898a56aeab834df
617ff2eb3d5dbbbc37949c4fdf8406e7a8a08990f1b846a8011d614ad2c1f88b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67873e867f80a4e38ed77b2d2e470ffdc7404629233f6dd0c0ae060eb23b55a6
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bd47176b1c3d762d864aeeb233ca7e793004248449c3843c63657542481a092
6f0a78384a5fe1f2ccf0f887dbb4f7adc0746427ad847f7f0f37fb61fc641860
715045f3b9b5ad877852791610123019447efe2b8900139bb9ab763d18a4f2d5
725cec0adb3474254d639c60ce66dcf7787f811dbbc9999afe3b89ffd53d786d
74b1553a8bc02b258d9607e3b6be0d38c69787670259db355120226bb9eb868e
75eadfc4966f8e40d2f5aa4ebc91741a4bec5599e28b04024d38c3dd9c689477
7a0cb33ad56641087f3b9355a126591f57957c1dd8175a46f38d51834bdd8a42
82d885b57ea9266031e7efea885e247e8c8f4b146651017118188191056f51f3
86cd172029aaf00d8aaf4b710ae202115e9f60262d0cff5c1c0ec48bc2e7824f
86fcbebfc3beb20cc090c44b05e9ca59400de0ca9fc348171e37216dbdb64fa8
89041b78fae7a243a68f283ccf0c828aa64d89d6113d07e06e3807f3ce858724
8a6749df5bda37a8da862387e46cf39313d07ff2dcfa684faefaeb33b9a2ee6c
8b8b22b8c1df47f77a24146d9cacf8efa05e5b5016fe6b9075e032ac11488b41
8c0fcb802476b243779d9398d68f5bbdee60031f2aeb6979817317dae9731a8e
8d517631a58883faff47882e248f70964c65168e26ab649b47487e8c6ceca440
8e8cef99a1686a44b315f1fbecae1e706f8a44e68746251ee09f95a6f87e4653
92e7b397cdc4be8a86f2b4410316bc67fdf345c4d4282a433e4ba990eae3b749
956565d639de5e0d44c98b8deb304a86938aec1d8ddf321190ae57d291ae69eb
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a
9a729582bb72af90bca58d2ae31d5bf9bfde790855e37cc178aa8496432a9c2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b696ec3f788a517f464a3341906262f687aa000abf6b4120ca1f2b0baffef
9bf5df923c301309cbce4831273710c7ab50e6b2d8ddb275bdfdc924fec29c37
9c0d1d99e56d40feb850e857a0cc61a76ec8657e9f9fc1e7bae04b42d5da551f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73c3d5995e2b9438a42cb9b65351b943265fbde78b8b3b581e67d5018a49af0
a994550e07e2ccdf11d39850c1d27e897796afc20de7c21d0a0854ce67b7ba58
aa06e9ae7ff4d566ba5b5bb58e5a0d4f6ef3722974f2f72881a247dc88c47087
ab938252d4d37310270a646622da9d766bcab60ed9678fbccd97a93f3972155e
acc32c1030654659ed8e167d5c82ef5ad511261b6140a82f4874c3e389bf4d15
ad78ff58114e92438a9a3e8aca9cefa822cd173ac669694f864520cb75643dca
aeab465952d969dc17e27078f7dfc23f12cb3c36c1031789bf82857898577de5
b03624a4c39691ace4ea254f4255fea92bc411f9233956cde68916f657cb7412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1845327cc9109e7908fbd355c4c27bfa87aebf7915525ab593d13f449695fc0
b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55
b38534408e8ecfce571b2498e509ede194064dca3258fe2fd0d31d685797972d
b79a0223f276a3bb23bb58d650e44594b39e0ba0d79581ce6385e478ef43d2ee
b7b72cf5893cd988fcaf9a5adbabb9bf7a521affe75b59590f6dfb3a1f4945fd
b83870f8305b8900262de8381157f408d91e044be196880218d8ee00a58f8e95
b9cf26fb7fe67d69ec053c454e57f13dec947dddaaf5a14a825ef0858c10a36f
bb9af6c028f56887ee6c15f5a3e6ac18a934e76e22dfe77fdec66f4331cc9d3e
be51d196e9c1f842bb0d70cc2244d83b5635bd0219e533794ce62d86c702db4b
bf4e62ceb823aefcf198a034a491c8e17a432df849f317e36ee3fe02f775dc3d
c1edcc780d23377ea9c7e15b2a064085d1879bbe909e9c36f642021e8bb96743
c2da550fb7091e629770f57aef5ae7be0e5460e39564b13ca5c7190ab9f3df66
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c33e04a65b94fbe734a7ab1aa56c60237a72c071ea57a7c41be9d66bc79dc537
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cca76b60cdd1d620eaeecef628b6c5395d23149e8fc8ec9045b884b585eb1dc6
d5a391bc4a4fde724d0720d2f7216153ddac2456c8108b4267b0aaafec02dcf8
dc6c10f75c0d86ce0a49a6c64440bfb7d996010f3fa6767d9c2384c7f43163c3
dd0037b1381eda94026ab71bf518b6d2533f18a7592db9dce036ae7194fb7892
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e2e029a91b0e0b3759ce3b13e3ec4f214e62d8b9d99f1ae05e5661ff234bef
e6229885746123984ffa4249d1036a9fe9cf949d3940fe5815086702b7962afe
e72112a6051ae770208c65845e6fd9ceea7c08776af855f3d47e3c174dda73f0
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b959c432c42ff7654354fe0cda58079e4681e9476e3a243630515014125aee
e7fe619fdeea2d0899b235da6eb39403a0f793b934a0004dba02660618098f27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ff0da6c661c0c96c5cbb4e79cc930dffd2a11a80b1cf6796ea973d9c11c11
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f238e8708c8806ff68bf6d9b3f1bebc1501f91f7d336f72626d84072867d0798
f3143ea841f3c387fc23d61a9932cd0d6aede512772392950834402812bda65d
f7faa4715a7b7e6cb5d09c4f485825d35d963b684c255013b813d9d5a7b1bd26
f87b71f6a3914637476b44314228411f992ac30cab2ca55b2570ab1cce6125e2
f9c2bb5c7f8b32755a14d63e0a812911e2286f8aa23c910cc790f0937aacf37d
fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09
feca5d03b4626f7f5c63f64b33921ac8ea924404f504645d06aed7a3cbf6df7b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869