tinhte.vn Open in urlscan Pro
125.212.247.8  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1&C=1

Request Chain 59

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBGd1EzWBuqainc2kOsQowAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1

Request Chain 60

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL0kkYzOimg_UqFtTOCMBZc%26google_cver%3D1

Request Chain 61

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg4NDE5OTY2MDcyODIwMDg5OQ%3D%3D

Request Chain 70

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1

Request Chain 71

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBGd1EzWBuqainc2kOsQpAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1

Request Chain 72

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1

Request Chain 73

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzNjMxMDM1Mjg2Nzk4MTUxMw%3D%3D

Request Chain 85

• https://track.adform.net/adfserve/?bn=57168254;1x1inv=1;srctype=3;ord=2614447395 HTTP 302
• https://track.adform.net/adfserve/?CC=1&bn=57168254;1x1inv=1;srctype=3;ord=2614447395

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response tinhte.vn/members/tonic-studios.2969865/	58 KB 16 KB	1339ms 667ms	Document text/html	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash d27310ca9701abd9644b11bcb1e4195976fd5865c7f4c26c252de4fa836ba75a Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control private, max-age=0 Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 15 Mar 2023 10:28:33 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Last-Modified Wed, 15 Mar 2023 10:28:33 GMT Server nginx Strict-Transport-Security max-age=15768000 Transfer-Encoding chunked Vary Accept-Encoding X-Frame-Options SAMEORIGIN X-Xss-Protection 1
GET H/1.1	200 OK	css.php tinhte.vn/	87 KB 19 KB	613ms 610ms	Stylesheet text/css	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1678691409 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 38a0cab40a9e38b9d9de8917056e09aaebae7f40ab8ad28b8fba99de8abec7f1 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Mon, 13 Mar 2023 07:10:09 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Expires Wed, 01 Jan 2020 00:00:00 GMT
GET H/1.1	200 OK	css.php tinhte.vn/	16 KB 4 KB	475ms 373ms	Stylesheet text/css	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/css.php?css=bdad,bdsigninwithapple_button,facebook,google,login_bar,member_view,message_simple,nat_public_css,twitter,uix_extendedFooter&style=85&dir=LTR&d=1678691409 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 6d037e538a58d57577002b0cc2f54ec670a8fac3110f05ca760436030f186577 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Mon, 13 Mar 2023 07:10:09 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Expires Wed, 01 Jan 2020 00:00:00 GMT
GET H/1.1	200 OK	css.php tinhte.vn/	78 KB 16 KB	803ms 327ms	Stylesheet text/css	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/css.php?css=uix,uiflex,dimota&style=85&dir=LTR&d=1678691409 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash e99c92c768ed3051d3f4b2c346a906115d8cfcc00fb80f7b698a34ad89727072 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Mon, 13 Mar 2023 07:10:09 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Expires Wed, 01 Jan 2020 00:00:00 GMT
GET H/1.1	200 OK	css.php tinhte.vn/	36 KB 8 KB	928ms 314ms	Stylesheet text/css	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1678691409 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 3dd183b281d3f2fe04a206f55e78914f5edb6da7dab09584d821a64998180ca3 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Mon, 13 Mar 2023 07:10:09 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Expires Wed, 01 Jan 2020 00:00:00 GMT
GET H/1.1	200 OK	font-awesome.min.css tinhte.vn/styles/uiflex/uix/css/	28 KB 7 KB	926ms 311ms	Stylesheet text/css	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag W/"61d55090-7187" Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type text/css Cache-Control max-age=31536000, public Expires Thu, 14 Mar 2024 10:28:34 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.0/	94 KB 33 KB	46ms 12ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sat, 11 Mar 2023 14:31:02 GMT content-encoding gzip x-content-type-options nosniff age 331052 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33576 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Mar 2024 14:31:02 GMT
GET H/1.1	200 OK	xenforo.js Show response tinhte.vn/js/xenforo/	166 KB 53 KB	1248ms 619ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/xenforo/xenforo.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash d4abe0ab3ebdcc83eccd33a616828aef540e3eb1392169c9cd97ea71ac6dff2e Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:34 GMT Content-Encoding gzip Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag W/"61d55090-29747" Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type application/javascript Cache-Control max-age=31536000, public Expires Thu, 14 Mar 2024 10:28:34 GMT
GET H/1.1	200 OK	cors.min.js Show response tinhte.vn/js/bdReroute/	302 B 632 B	959ms 313ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/bdReroute/cors.min.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash a721e5bcec174ca1fb65ddcd5fce3fe7c73f62dbd1a28ab6376b282e70985f80 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Last-Modified Wed, 05 Jan 2022 08:02:23 GMT Server nginx ETag "61d5508f-12e" Vary Origin Content-Type application/javascript Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 302 Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H/1.1	200 OK	quick_reply_profile.js Show response tinhte.vn/js/xenforo/	2 KB 3 KB	963ms 313ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/xenforo/quick_reply_profile.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash d7fa4d8d6241eac2c0a2a7ad98c59a0b51291800f549b8abec82c9ec697c4f7f Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag "61d55090-989" Vary Origin Content-Type application/javascript Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 2441 Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H/1.1	200 OK	loader.min.js Show response tinhte.vn/js/bdAd/	3 KB 3 KB	1129ms 326ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/bdAd/loader.min.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 4e85bc98122717e398bc7a85587e79c0c4761e6eda4b9b48757936c284383ddf Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Last-Modified Wed, 05 Jan 2022 08:02:23 GMT Server nginx ETag "61d5508f-a3d" Vary Origin Content-Type application/javascript Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 2621 Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H/1.1	200 OK	mudim.js Show response tinhte.vn/js/vim/	21 KB 10 KB	1236ms 309ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/vim/mudim.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash c8866444fa94d600f25d84554edc9d6ed1aa0b2c4f232057040ceec743e4779c Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Content-Encoding gzip Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag W/"61d55090-55df" Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type application/javascript Cache-Control max-age=31536000, public Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H/1.1	200 OK	preview.min.js Show response tinhte.vn/js/Tinhte/XenTag/	448 B 778 B	1228ms 300ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/Tinhte/XenTag/preview.min.js?_v=002939be Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 74d7769cba3b7e8b597892ce352e3130f38ba2056a74c7b944e262d64b89f1a8 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Last-Modified Wed, 05 Jan 2022 08:02:23 GMT Server nginx ETag "61d5508f-1c0" Vary Origin Content-Type application/javascript Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 448 Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H/1.1	200 OK	functions.min.js Show response tinhte.vn/js/audentio/uiflex/	143 KB 35 KB	1602ms 643ms	Script application/javascript	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/js/audentio/uiflex/functions.min.js?_v=002939be_1.5.21.0_2 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash c7428f4465dd36da8014a7f90613f1ce73deeefd2cf31ee056c13f2a73137f43 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Content-Encoding gzip Last-Modified Wed, 05 Jan 2022 08:02:23 GMT Server nginx ETag W/"61d5508f-23ae2" Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type application/javascript Cache-Control max-age=31536000, public Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	241 KB 82 KB	59ms 26ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5061a1aa2bdd7cf69c6ffb9086c26fb8b5ffac58298ecf38f0dd3e9def604bdc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83466 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 15 Mar 2023 10:28:35 GMT
GET H/1.1	200 OK	logo_small.png tinhte.vn/styles/uiflex/dimota/	7 KB 7 KB	320ms 319ms	Image image/png	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://tinhte.vn/styles/uiflex/dimota/logo_small.png Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash b7fcae64a91e4fe18790234505d58c7c38222526b359f69035710c1942e33f83 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:36 GMT Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag "61d55090-1a26" Vary Origin Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 6694 Expires Thu, 14 Mar 2024 10:28:36 GMT
GET H/1.1	200 OK	avatar_2.png tinhte.vn/styles/default/TinhteMods/avatars/	9 KB 9 KB	313ms 312ms	Image image/png	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://tinhte.vn/styles/default/TinhteMods/avatars/avatar_2.png Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 8409ddadb3657d33491bbcbd222b83c6d2b7941bb956be9ba148ed4bc12172c9 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/members/tonic-studios.2969865/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:35 GMT Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag "61d55090-241d" Vary Origin Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 9245 Expires Thu, 14 Mar 2024 10:28:35 GMT
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/7.5.2/	16 KB 6 KB	49ms 12ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/7.5.2/firebase-app.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7115cf06d4df2dac1341740391401d708853a555b5b5bbfdf135491e9e58446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 20:26:54 GMT content-encoding gzip x-content-type-options nosniff age 50501 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5581 x-xss-protection 0 last-modified Fri, 06 Dec 2019 21:21:46 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 13 Mar 2024 20:26:54 GMT
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/7.5.2/	22 KB 22 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0aaff843d07f3d074dd6dc797a05226cccff351ee6ce849b316070b54a6e8701 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 16:32:42 GMT x-content-type-options nosniff age 582953 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22471 x-xss-protection 0 last-modified Fri, 06 Dec 2019 21:21:46 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 07 Mar 2024 16:32:42 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	43ms 11ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 15 Mar 2023 10:14:45 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 830 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Wed, 15 Mar 2023 12:14:45 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	63ms 14ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 15 Mar 2023 10:28:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27907 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug Ga2sgypJivAA9KKQIa8pUfhm+uXnLnWMNPsa6udSPnZdeMNB2QjMJpnic6SlEwg2rjpmTRJdQ3qovykRzo/www== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	issue144_66x66.png tinhte.vn/styles/uiflex/	3 KB 3 KB	311ms 311ms	Image image/png	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://tinhte.vn/styles/uiflex/issue144_66x66.png Requested by Host: tinhte.vn URL: https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1678691409 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash d1904ce3bf0eec24efb6dc26d4a75882d2d781925309ec88b0136b1b02045476 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/css.php?css=EXTRA&style=85&dir=LTR&d=1678691409 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:36 GMT Last-Modified Tue, 14 Mar 2023 11:38:53 GMT Server nginx ETag "64105ccd-a1d" Vary Origin Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 2589 Expires Thu, 14 Mar 2024 10:28:36 GMT
GET H/1.1	200 OK	form-button-white-25px.png tinhte.vn/styles/uiflex/xenforo/gradients/	192 B 508 B	314ms 313ms	Image image/png	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Show image Full URL https://tinhte.vn/styles/uiflex/xenforo/gradients/form-button-white-25px.png Requested by Host: tinhte.vn URL: https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1678691409 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/css.php?css=xenforo,form,public&style=85&dir=LTR&d=1678691409 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:36 GMT Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag "61d55090-c0" Vary Origin Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 192 Expires Thu, 14 Mar 2024 10:28:36 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 tinhte.vn/styles/uiflex/uix/fonts/	70 KB 71 KB	333ms 333ms	Font font/woff2	125.212.247.8 VIETEL-AS-AP Viet...
General Check archive.org Show headers Download Go to Full URL https://tinhte.vn/styles/uiflex/uix/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: tinhte.vn URL: https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 125.212.247.8 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN), Reverse DNS Software nginx / Resource Hash 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73 Request headers Referer https://tinhte.vn/styles/uiflex/uix/css/font-awesome.min.css Origin https://tinhte.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:36 GMT Last-Modified Wed, 05 Jan 2022 08:02:24 GMT Server nginx ETag "61d55090-118d8" Vary Origin Access-Control-Allow-Methods GET, OPTIONS Content-Type font/woff2 Access-Control-Allow-Origin https://tinhte.vn Cache-Control max-age=31536000, public Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 71896 Expires Thu, 14 Mar 2024 10:28:36 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	79 KB 27 KB	51ms 19ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1678876115079 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44131d14a787994613df7407812f927835e62cc6cd1f972224bc465c1478d3b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27349 x-xss-protection 0 server sffe etag "1511 / 921 of 1000 / last-modified: 1678869959" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 15 Mar 2023 10:28:35 GMT
GET H2	200	api:client.js Show response apis.google.com/js/	17 KB 7 KB	52ms 20ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api:client.js Requested by Host: tinhte.vn URL: https://tinhte.vn/js/xenforo/xenforo.js?_v=002939be Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97456379c4c20c844199ededf873cc708e7e676ecbf4610fa8ba1ad6bd01d0da Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Wed, 15 Mar 2023 10:28:35 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6898 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "7a46f65692fa85a9" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Wed, 15 Mar 2023 10:28:35 GMT
POST H2	200	installations Show response firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/	623 B 676 B	341ms 341ms	Fetch application/json	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/7.5.2/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash af756a7394b0f1239a69232052ae279ee3b1029cb4af7f0fc4a4a40ef48bff53 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept application/json Referer https://tinhte.vn/ x-goog-api-key AIzaSyDWAPFMaWXFbERvNRUpiMdEvvVEo4_4gtc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 content-type application/json Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://tinhte.vn access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 486 x-xss-protection 0
OPTIONS H2	200	installations firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/ Frame	0 0	91ms 19ms	Preflight text/html	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/tinhte-apps/installations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key Access-Control-Request-Method POST Origin https://tinhte.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-headers content-type,x-goog-api-key access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://tinhte.vn access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Wed, 15 Mar 2023 10:28:35 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 205 B	19ms 19ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=296842982&t=pageview&_s=1&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&ul=en-us&de=UTF-8&dt=Tonic%20Studios%20%7C%20Tinhte.vn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YHBAAEABAAAAACAAI~&jid=1702440820&gjid=976541086&cid=581961977.1678876116&tid=UA-2120640-1&_gid=1075071129.1678876116&_r=1&_slc=1&cd2=0%2C1&cd4=user-2969865&z=1562278710 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://tinhte.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tinhte.vn cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	480704548985430 Show response connect.facebook.net/signals/config/	377 KB 108 KB	13ms 13ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/480704548985430?v=2.9.98&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4636465b791ae9a9d591a86ed8630648f7c4078f4000d35c4e6adfc3755c2766 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 15 Mar 2023 10:28:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110224 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug G4ruFxJVURhWUxo58krUDXFv4cR8VQrbyst+RyKedVpXcbzqEhjGdyH2xKgb5l1/zURONOlSLPIhua0blcwgfg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 250 B	53ms 18ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-EHPF9BTE3E&gtm=45je33d0&_p=296842982&cid=581961977.1678876116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678876115&sct=1&seg=0&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&dt=Tonic%20Studios%20%7C%20Tinhte.vn&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tinhte.vn cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	193 KB 69 KB	27ms 27ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c1d9e28bf1ec0a02d6fa21a3217f723891ef2f6fc7b24e7475e8af0911af6452 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 70846 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 15 Mar 2023 10:28:35 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 345 B	79ms 25ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2120640-1&cid=581961977.1678876116&jid=1702440820&gjid=976541086&_gid=1075071129.1678876116&_u=YHBAAEAAAAAAACAAI~&z=1775699564 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://tinhte.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 15 Mar 2023 10:28:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tinhte.vn cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/	315 KB 107 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/api:client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 13 Mar 2023 10:38:46 GMT content-encoding gzip x-content-type-options nosniff age 172189 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109898 x-xss-protection 0 last-modified Wed, 01 Feb 2023 16:56:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 12 Mar 2024 10:38:46 GMT
GET H2	200	cb=gapi.loaded_1 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/	62 B 479 B	14ms 14ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_1?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/api:client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 21:54:57 GMT x-content-type-options nosniff age 563618 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62 x-xss-protection 0 last-modified Wed, 01 Feb 2023 16:56:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 07 Mar 2024 21:54:57 GMT
GET H2	200	pubads_impl_2023030901.js Show response securepubads.g.doubleclick.net/gpt/	395 KB 134 KB	44ms 12ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1678876115079 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:10:39 GMT content-encoding gzip x-content-type-options nosniff age 69476 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136293 x-xss-protection 0 last-modified Thu, 09 Mar 2023 09:39:14 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 13 Mar 2024 15:10:39 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	82 B 609 B	78ms 47ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinhte.vn Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js?origin=tinhte.vn&_=1678876115079 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6cd300e5defab2ac91d8d4fe7569db7a241b64f1d410c6d24dbf2b3d4438d04 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67 x-xss-protection 0 expires Wed, 15 Mar 2023 10:28:35 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	55ms 13ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=480704548985430&ev=PageView&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&rl=&if=false&ts=1678876115954&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678876115953.502441926&it=1678876115887&coo=false&rqm=GET Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 15 Mar 2023 10:28:36 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	19ms 19ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-L2J9ZH0B0E&gtm=45je33d0&_p=296842982&_fid=cPk3hHKyQsYPSihl-cJ7Fz&cid=581961977.1678876116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678876115&sct=1&seg=0&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&dt=Tonic%20Studios%20%7C%20Tinhte.vn&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-L2J9ZH0B0E&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tinhte.vn cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame BC64	280 B 1 KB	338ms 306ms	Document text/html	2a00:1450:4001:80e::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 592206d3393b0c94fd2003c9121e23a6e246d358a997cd03a2304d0e8558668c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-y76MrJQufEeLX6ejOvY2MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-y76MrJQufEeLX6ejOvY2MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Mon, 01 Jan 1990 00:00:00 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache server ESF strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-xss-protection 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	69ms 36ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2120640-1&cid=581961977.1678876116&jid=1702440820&_u=YHBAAEAAAAAAACAAI~&z=2132392281 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	69ms 36ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2120640-1&cid=581961977.1678876116&jid=1702440820&_u=YHBAAEAAAAAAACAAI~&z=2132392281 Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	54ms 21ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=tinhte.vn Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	53ms 21ms	Script application/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=tinhte.vn Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	16 KB 7 KB	844ms 844ms	XHR text/plain	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1909024676338492&correlator=3122730319028509&eid=31070232&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fifs&iu_parts=3823916%2CTinhte_Desktop_Forum_Middle_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=3593623497&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678876116085&lmt=1678876113&dlt=1678876114140&idt=1913&adxs=436&adys=125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&frm=20&vis=1&psz=1600x90&msz=728x-1&fws=4&ohw=728&ga_vid=581961977.1678876116&ga_sid=1678876116&ga_hid=296842982&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eb4aaa30383e5107bd2bbc8ffe17d40a8795211850ef4e10eeecf6f90614a123 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6814 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinhte.vn cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	16 KB 7 KB	502ms 502ms	XHR text/plain	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1909024676338492&correlator=3122730319028509&eid=31070232&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fifs&iu_parts=3823916%2CTinhte_Desktop_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=983309566&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678876116093&lmt=1678876113&dlt=1678876114140&idt=1913&adxs=436&adys=649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&frm=20&vis=1&psz=1138x90&msz=728x-1&fws=4&ohw=728&ga_vid=581961977.1678876116&ga_sid=1678876116&ga_hid=296842982&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d97f37e6c9b4601948eee28445988eebc1ca8ad36635726065560d4782c21a77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6877 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinhte.vn cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C385	6 KB 3 KB	66ms 20ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Thu, 14 Mar 2024 10:28:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	400	cspreport accounts.google.com/_/IdpIFrameHttp/ Frame BC64	2 KB 911 B	25ms 24ms	Other text/html	2a00:1450:4001:80e::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/_/IdpIFrameHttp/cspreport Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 735d82289e9ebb472be80e15d437b75368531be0891261bec8abf77e2aa0e823 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://accounts.google.com/o/oauth2/iframe accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	m=base Show response www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.5iIXQO4jihY.es5.O/d=1/rs=AOaEmlHnyD_T4ixdtu-Rn-DjLN56zUfxcA/ Frame BC64	100 KB 35 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.5iIXQO4jihY.es5.O/d=1/rs=AOaEmlHnyD_T4ixdtu-Rn-DjLN56zUfxcA/m=base Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 00649b64625b85098536a9e704b276d818263c06e7e91044d1d8f96b62df6e67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 06:26:26 GMT content-encoding gzip x-content-type-options nosniff age 100930 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35347 x-xss-protection 0 last-modified Mon, 13 Mar 2023 18:48:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/identity-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 13 Mar 2024 06:26:26 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame BC64	49 B 96 B	294ms 294ms	XHR application/json	2a00:1450:4001:80e::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Ftinhte.vn&client_id=572333712218-17emelrtbjqlumrd326fbnrjb2ma4kh5.apps.googleusercontent.com Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.5iIXQO4jihY.es5.O/d=1/rs=AOaEmlHnyD_T4ixdtu-Rn-DjLN56zUfxcA/m=base Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-21Lw2h1BfXEk2LYZcE7Hvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-21Lw2h1BfXEk2LYZcE7Hvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist content-encoding gzip cross-origin-embedder-policy require-corp p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin content-type application/json; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Wed, 15 Mar 2023 10:28:36 GMT
POST H2	200	/ Show response www.facebook.com/tr/ Frame FE45	0 45 B	12ms 12ms	Document text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://tinhte.vn Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://tinhte.vn alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	container.html Show response 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5797	6 KB 3 KB	13ms 12ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Thu, 14 Mar 2024 10:28:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2398	624 B 556 B	52ms 49ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiRrrXcATAB&v=APEucNUuYcZ-ioiaKOIzM-H2i4_3kBIh8DY0Lg3HuH4jX_knyTpS36dTOV8Q7fIctRE5P5nTNcxR_qWAUiUHy8BNT1MkGH2RW-eniVW0Soe5gPQBqTxt7KoqsEFy69lpvwFyUna77PDTStq2T8tTPxsMGjZ7-g15vb13YP0SPWq50GJUPN0xh_I Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Wed, 15 Mar 2023 10:28:36 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 5797	78 KB 27 KB	985ms 829ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27790 x-xss-protection 0 server cafe etag 3677590245327912432 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 15 Mar 2023 10:28:37 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5797	42 B 110 B	202ms 47ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZhvNJDRfrKCL0Vnsz2bfax03DodTUge7lXtTqhnh1RAaKMyAwAH5ny6GYVk-blOwPZDH4HPnUuaXVWlqsmNpxSIfewX7dj-3kzNTr0L49AaHz7wg Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5797	0 349 B	201ms 45ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12201777621400467588&x=1&ct=76 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 5797	3 KB 1 KB	168ms 13ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:08:06 GMT content-encoding br x-content-type-options nosniff age 1230 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 29 Mar 2023 10:08:06 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 5797	20 KB 9 KB	167ms 12ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 14:26:26 GMT content-encoding br x-content-type-options nosniff age 72130 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 9550401019908337125 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Mar 2023 14:26:26 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5797	158 KB 49 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49526 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1678735041478572" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Mar 2023 10:28:36 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2398 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1&C=1	43 B 766 B	13ms 13ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiRrrXcATAB&v=APEucNUuYcZ-ioiaKOIzM-H2i4_3kBIh8DY0Lg3HuH4jX_knyTpS36dTOV8Q7fIctRE5P5nTNcxR_qWAUiUHy8BNT1MkGH2RW-eniVW0Soe5gPQBqTxt7KoqsEFy69lpvwFyUna77PDTStq2T8tTPxsMGjZ7-g15vb13YP0SPWq50GJUPN0xh_I Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:36 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:36 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2398 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBGd1EzWBuqainc2kOsQowAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1	43 B 766 B	13ms 13ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiRrrXcATAB&v=APEucNUuYcZ-ioiaKOIzM-H2i4_3kBIh8DY0Lg3HuH4jX_knyTpS36dTOV8Q7fIctRE5P5nTNcxR_qWAUiUHy8BNT1MkGH2RW-eniVW0Soe5gPQBqTxt7KoqsEFy69lpvwFyUna77PDTStq2T8tTPxsMGjZ7-g15vb13YP0SPWq50GJUPN0xh_I Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:36 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 2398 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL0kkYzOimg_UqFtTOCMBZc%26google_cver%3D1	43 B 1 KB	43ms 31ms	Image image/gif	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL0kkYzOimg_UqFtTOCMBZc%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiRrrXcATAB&v=APEucNUuYcZ-ioiaKOIzM-H2i4_3kBIh8DY0Lg3HuH4jX_knyTpS36dTOV8Q7fIctRE5P5nTNcxR_qWAUiUHy8BNT1MkGH2RW-eniVW0Soe5gPQBqTxt7KoqsEFy69lpvwFyUna77PDTStq2T8tTPxsMGjZ7-g15vb13YP0SPWq50GJUPN0xh_I Protocol HTTP/1.1 Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:36 GMT AN-X-Request-Uuid af086eb0-d59b-4bd7-a7d4-a30cb0f392be Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:36 GMT AN-X-Request-Uuid 47f92e63-9002-40aa-ad5b-49cba17a1e6e Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL0kkYzOimg_UqFtTOCMBZc%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2398 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg4NDE5OTY2MDcyODIwMDg5OQ%3D%3D	170 B 243 B	23ms 23ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg4NDE5OTY2MDcyODIwMDg5OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiRrrXcATAB&v=APEucNUuYcZ-ioiaKOIzM-H2i4_3kBIh8DY0Lg3HuH4jX_knyTpS36dTOV8Q7fIctRE5P5nTNcxR_qWAUiUHy8BNT1MkGH2RW-eniVW0Soe5gPQBqTxt7KoqsEFy69lpvwFyUna77PDTStq2T8tTPxsMGjZ7-g15vb13YP0SPWq50GJUPN0xh_I Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 15 Mar 2023 10:28:36 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 651ddf57-0ff3-4f28-93cb-dd0091c03b93 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg4NDE5OTY2MDcyODIwMDg5OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	container.html Show response 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7138	6 KB 3 KB	13ms 12ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Thu, 14 Mar 2024 10:28:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6C1B	624 B 245 B	51ms 49ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYrMqU0QEwAQ&v=APEucNVJUtYaQlKblSuJdUtk1yHpaSTRZAWXSKqNhe_kBZlb-pUjQFL0Cg0PBtNn9IvGnoRN-UJDK01gqQss98PKP8prraW9E6S2iGvm1Q-OtZgWQTaABsECoC-vAyY6kYi5ZzBBCHg4FLcjvW-kAmkN1gJeG9HQSovUgLuIUzHE4V9V0QIE4NY Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:36 GMT expires Wed, 15 Mar 2023 10:28:36 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 7138	78 KB 27 KB	70ms 69ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27790 x-xss-protection 0 server cafe etag 3677590245327912432 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 15 Mar 2023 10:28:37 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7138	42 B 63 B	48ms 46ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWCqWR42KF4JVwgRPheda7koXAue0Tj7T64Gai_P1aa2OuU9Ii4n3cg_0xlgHTbSCvx65F32TmKjaAJdQlz-dZUxAZixYplRm0A3JW4dx7TNH02g8 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7138	0 20 B	47ms 46ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16794334381798205422&x=1&ct=76 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 7138	3 KB 1 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:08:06 GMT content-encoding br x-content-type-options nosniff age 1230 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 29 Mar 2023 10:08:06 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 7138	20 KB 8 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 14:26:26 GMT content-encoding br x-content-type-options nosniff age 72130 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 9550401019908337125 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Mar 2023 14:26:26 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7138	158 KB 48 KB	25ms 23ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49526 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1678735041478572" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Mar 2023 10:28:36 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 6C1B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1	43 B 766 B	13ms 13ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYrMqU0QEwAQ&v=APEucNVJUtYaQlKblSuJdUtk1yHpaSTRZAWXSKqNhe_kBZlb-pUjQFL0Cg0PBtNn9IvGnoRN-UJDK01gqQss98PKP8prraW9E6S2iGvm1Q-OtZgWQTaABsECoC-vAyY6kYi5ZzBBCHg4FLcjvW-kAmkN1gJeG9HQSovUgLuIUzHE4V9V0QIE4NY Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:37 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=495 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 6C1B Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBGd1EzWBuqainc2kOsQpAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1	43 B 632 B	13ms 12ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYrMqU0QEwAQ&v=APEucNVJUtYaQlKblSuJdUtk1yHpaSTRZAWXSKqNhe_kBZlb-pUjQFL0Cg0PBtNn9IvGnoRN-UJDK01gqQss98PKP8prraW9E6S2iGvm1Q-OtZgWQTaABsECoC-vAyY6kYi5ZzBBCHg4FLcjvW-kAmkN1gJeG9HQSovUgLuIUzHE4V9V0QIE4NY Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:37 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECEOjSw2BS6XDP3t9qPujU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 6C1B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1	43 B 1 KB	27ms 27ms	Image image/gif	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYrMqU0QEwAQ&v=APEucNVJUtYaQlKblSuJdUtk1yHpaSTRZAWXSKqNhe_kBZlb-pUjQFL0Cg0PBtNn9IvGnoRN-UJDK01gqQss98PKP8prraW9E6S2iGvm1Q-OtZgWQTaABsECoC-vAyY6kYi5ZzBBCHg4FLcjvW-kAmkN1gJeG9HQSovUgLuIUzHE4V9V0QIE4NY Protocol HTTP/1.1 Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Wed, 15 Mar 2023 10:28:37 GMT AN-X-Request-Uuid c1227943-a014-41bc-971b-d6173c1bfe27 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEL0kkYzOimg_UqFtTOCMBZc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6C1B Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzNjMxMDM1Mjg2Nzk4MTUxMw%3D%3D	170 B 188 B	22ms 21ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzNjMxMDM1Mjg2Nzk4MTUxMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYrMqU0QEwAQ&v=APEucNVJUtYaQlKblSuJdUtk1yHpaSTRZAWXSKqNhe_kBZlb-pUjQFL0Cg0PBtNn9IvGnoRN-UJDK01gqQss98PKP8prraW9E6S2iGvm1Q-OtZgWQTaABsECoC-vAyY6kYi5ZzBBCHg4FLcjvW-kAmkN1gJeG9HQSovUgLuIUzHE4V9V0QIE4NY Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 15 Mar 2023 10:28:37 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.3; 217.64.151.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 91523f1d-ce81-4cec-9ded-1291dddd3768 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzNjMxMDM1Mjg2Nzk4MTUxMw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7138	0 20 B	45ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=928708548995&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7138	0 20 B	45ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=928708548995&version=m202301230201&ct=76&x=1&cor=16794334381798205000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 7138	83 KB 35 KB	50ms 50ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsOxIUK_3Ok4VGi2cX6yblRokjd80n6Iwbq4qZ48ECao_fegW1ICtX2BZruqQVam3ZXPGp8-FsQyKkcZK44cqVk3cEw&cry=1&dbm_d=AKAmf-AQyegEkbcd3-bYATSX-zcKvqIrnAR879QOw0C-10MGlOtchZcglaoBv_8Itliy_nJISGCAGXUYhlWaUWkuRMaiynGRyku9Kw2h_FtzBL4gxLiIz49tIfjKhPAOp9UwMO0GnbcCywuGCOPjA9ulKvTOSOxtimkyAcG9JK3zCKQ6t7lhtA-T1rQ0afNktl9rtdyq7O3Ab4m-m4eANdiTSgyn5M6KoyGqb4CuZXz_wPPJEbKmdIZ2nQfv5sO5o1bZUv3swoW-e1G_PnmIE1GTqfPHYantKk1tceZ-sexc7EPTgfPQ23ohswRmNzvK2YL3A01kXQ-aUgy7RH4OjNzC5HshTNDcFpjOhYqAtdDwGP4VnYDM702wmxJqolhwhZ1Felc1Zs48GjjUFNzUdYxayIYLVmBqc0mMm_-hj7upW-tphxhx1wqLx2Nev4afgOsasfDbi8904rBRSUjUbAz1ocYUe-Nkp6L56RmhAjU9fmTqCGiafUXzi_E8T1g4d2NN_bTtbpTaFbFS-7n0bgb0j7ikxflQo_EcHCRRVFArVze4vIMRbp87HLxujXpbwsnfhWHhRRpqWdLdn3Bd4mlUyE6RMo7HBd0sGBFCEo-wYHxUOPnxYBAnCokV0wHzk4NZe26As1Z4KCZ2kdZjX1vsyL_UmQxUxVwCwIUD9EjatEMnRoQPjDu2izJ62HGLG2nbNNKYvftVVN8zKP6dG9daOnbGfMgK4loEdnCVpb1V_Dapw-bv64QlbEAwiPmPNfAxNwcI4LLPxqRPPuOCplI-b4vloD7qD8czm1dPaRmr5YZDb6wmBlAmItdeqjrGVPMkkHahjIprsup9hdKdcyZhyIqhl2OfStew_8DpxnfGBOO5u_TvVkYdhCgAXVq90fj6AykPVsp-0p3lAPmuOLDmXvh4-PgA652Va1ozygXEasa4JHPnxWCwuvhyIN8QwThxEcfLHZzh6nF5ztKu7x-gyTcpXriX9jK8aK1PCvq5d3mLFtCV7RaeDUJOlJR3Jtc5gKYwXHR_H16PZXbtkRfgofLV2vsXD1hNivleoFT-uFt8q8-bzJsOrWI5_HZhYuZLLP80TeuSC0pzg6hIt-WYQXRGW-zkmln3FpTxyszXhAiY_8AGewvFGKn586OK73GatbSGlFnSfQOnDM2dCRt8SZELfJJyDMuEB0MNSSlNKWPrqMHjhJ50_QoV5H8aBaCNgwdmT208pPFSLi9Hs4JszrmLn7e2aukVdrbexO17lhy0ktHnwoj1Zc2N5jiqBtxThViwYAJWACl27Fb_zePcKX8VeELb9Jcu1ta90Sb_65q-L_TMGzc83bbPsqgDaXN-evgnd_4U-pL2HD5D_y2ZPsmnG8-SeqeaaTHUl6C1miuaulP9Mn3PTjEI4pHmSaZnuEjnknPjJWBgCE1wQJ0yWVqlTqe_Q3Y91_nJKlEXv85DkTvQDUH5iP9R908ieQYHWmvQjpE6HJZxDV9F9ZnZVsfGRRMAfI2UJiCaVY5V0tcm4qtfQQqjJu9oGiRKLojAvc-BSn7h1DrASNkaYIQItx-hQWbk_VGe4rpAzCaneXak-KUztbm9Zcb2407psMJief9z5mRlRFG7fNPnpIU2dm_tuDV-ehTKbol9Em2UJgQpsRUv5vvavejLZVpd9hMIGbvsY54WF3GeaOBFhUTgxe5RFDXWuhB8Dw1l1yr_AH6Ls1buBs9YvpwSlyJzCA06Dbr5qZtzwKLWxm9iuvI6fZd7uCL8AJeRaArylpTpOjFUXMNi_1qKljAEvLwzXQ_8H2Cg4aE2qqUx3vgF6MWknXD7o8U_3ZirY9FmbudFl2AN0a1zp-GxMQhnKIeFb5lM5gcQPmYs5Y1XcsGWWoy0Zw1sn_nYrly8qmrgIEHAaaE8MHmdnhYVxkQWUX4qQ3QB0AYITeFCUvjxVnDBO25xguQjC6-Y_5wHhYO2seI6W0HAtHBbAKEhwYwoexGZk1fhivazhLOXjLKS8-C5xG1UtCM_pjW4i2EfpHJDPbHA845UN-Vq_mbSIZSMZACZn5Bxc9E12EvPj38ri55ANva8UCh-VrOslN8JQ0RMtr-Jl0_Lx1CA-i46jbyd_k3YO3m0LMg-avcLV3ukiZmFk7RDIY-xAT9HlW_Rq3Mf6WsqtICmTQ8d73kXmYmdDYIaiA-jtuYPaFNkYo7coO3ijHIP-di-GCBcgocNOZ8usen171eD902AcMG4uLzVle9dyKwywc8LaA20CQ97ElG8PL841IJ9qMvtM3MG7X50daMXPso5I7l6902JRwesyqNiAVirRuQaleWv_9S9-uMqvNGgbzJcmBUjH48MpvqhhoqFGTmAm072phdonWqyun6Pw6CupZWxGScTwzm6ZM2oI_FGX9OeGUj9WquwduENOdM0gku9rsmu2bseqVRT9hmy5x3mk5YEAmjjhz6kPCy7_27zgwzPP5FX3iOB8UjSx-vFXibBIanMZAduUv0XS29YaAW0FvJJZU4iE-iI05mm4M9awsENMC766rgNLJVps5C3XRO9aOBBgAqzJ-Ux13b8xjcC-_6T6BN6D4x0I3kRTCmOlp0F0legAMVnpYpLdQ8Di7DHuRCebB905OomknIfk2O_LhvMhvgfzrh0EGQVBhcYUFxF4jChafJm9wiKJHI69FFK0yH8kaQipm2MX1ucaXwkucyNP6k1ouTtxFKsToAf79J-jHMoDgfz9cWX2F8YOlJTC-xN8Ov-Qp4Bh7gDS78SwxNQ486utk2gmyslrejmmg4aH242tXSpUDs8mrWr7JyFGRlaoTbv2Daxscoj6fYBcsrRjbAS7fN8OpARKNDNHF--Gx1lodaSzRV6ne0sVVvgRiWOYGLEeGxkL0Rj-ysp9hboIIcRXbYFt3yfcMtJ63zQNialm8JdkOV0-S9HgyYwGZ_454n68kXTUvDacb7ftd-nlM0m3SaKd02GVt5Q-i0F_osRPFhBlnmLo6DQfxQssNVlCBSgflSoEtZesVYDFfSXnQUDPrM9V7r7l3g-ryrwaSDZ2roYIV6LEVsil7-r9kuY9gorY53OhjH_aVZBbi5M5-nWDY2v3iIiC7BRPz3LhqQv5mLVWOtGklKBioEEmrmD_biJ_pimnTzstAK0zv-mGEr_Li-Rsn_PQMt3iFLKw1M5-jLZDfL7qp6BRVZ9TGP2C9pEiPfD_BqDUs1wNZUn9UkkjATZY9K8r18coRQazICEj0okfBHSBwW5hTDNj7YaRPiGUTmZCFJ4L4On3ztNIt3lC76U_lNzLenXgF7Erey7zNKMZzx1XTzQrWsJHqhqlIJC4XUozTAQ-dRN5s7958DfxsrSXxmWUHXyhWMwuDx9VGamGiibpoQJ9J_9gD02Jb6I3im1fLdDSRkxgSqHkZrRGiIrssYp3AdgZLsWJADrtBl8P-BFvCXc8EuL-Rdr9WD20R9F_Qw0m_ZxvTf_B--fl2XsD42GRoKkEOiYUaZjB14aTtYIH2VtT80j7hocUXg55w1H0qThnpWz-8UuqcrCLEwWM-YeGrZdW8tOWw8W2WT6LKnJIA9mlGUcfpbBLV_Mr3XRthLn2MCL592wH1cTepaVLqYB62alOcfdNu3_SJRRYscnPsooij9dfD9WLRF18FTVfB4M4rB2CeiDiTOW801BopvHm9c7ZdG0IYLU817KAKbIEpJfbOOxVmrOIlYPzRbc9sy5hoxPwsTkj1iv&cid=CAQSTADUE5yml8zLTRc6PtY7KjblnbG1CfdETS6YCKJ_fRiHzN7RxYMSPzOVYVYN5yWk1-CgLvsxoSKzpf1uWI-MGzrMvx_R-jMlQLjacCAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=16794334381798205000&adk=250412560&idt=75&cac=0&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 923e24a6d8021f659c17fbf427e5588be41e266d943a711b5921677186e692c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35941 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 7138	106 KB 37 KB	44ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Origin https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 17:13:19 GMT content-encoding gzip x-content-type-options nosniff age 62118 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 17:13:19 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/ Frame 7138	8 KB 3 KB	12ms 11ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsOxIUK_3Ok4VGi2cX6yblRokjd80n6Iwbq4qZ48ECao_fegW1ICtX2BZruqQVam3ZXPGp8-FsQyKkcZK44cqVk3cEw&cry=1&dbm_d=AKAmf-AQyegEkbcd3-bYATSX-zcKvqIrnAR879QOw0C-10MGlOtchZcglaoBv_8Itliy_nJISGCAGXUYhlWaUWkuRMaiynGRyku9Kw2h_FtzBL4gxLiIz49tIfjKhPAOp9UwMO0GnbcCywuGCOPjA9ulKvTOSOxtimkyAcG9JK3zCKQ6t7lhtA-T1rQ0afNktl9rtdyq7O3Ab4m-m4eANdiTSgyn5M6KoyGqb4CuZXz_wPPJEbKmdIZ2nQfv5sO5o1bZUv3swoW-e1G_PnmIE1GTqfPHYantKk1tceZ-sexc7EPTgfPQ23ohswRmNzvK2YL3A01kXQ-aUgy7RH4OjNzC5HshTNDcFpjOhYqAtdDwGP4VnYDM702wmxJqolhwhZ1Felc1Zs48GjjUFNzUdYxayIYLVmBqc0mMm_-hj7upW-tphxhx1wqLx2Nev4afgOsasfDbi8904rBRSUjUbAz1ocYUe-Nkp6L56RmhAjU9fmTqCGiafUXzi_E8T1g4d2NN_bTtbpTaFbFS-7n0bgb0j7ikxflQo_EcHCRRVFArVze4vIMRbp87HLxujXpbwsnfhWHhRRpqWdLdn3Bd4mlUyE6RMo7HBd0sGBFCEo-wYHxUOPnxYBAnCokV0wHzk4NZe26As1Z4KCZ2kdZjX1vsyL_UmQxUxVwCwIUD9EjatEMnRoQPjDu2izJ62HGLG2nbNNKYvftVVN8zKP6dG9daOnbGfMgK4loEdnCVpb1V_Dapw-bv64QlbEAwiPmPNfAxNwcI4LLPxqRPPuOCplI-b4vloD7qD8czm1dPaRmr5YZDb6wmBlAmItdeqjrGVPMkkHahjIprsup9hdKdcyZhyIqhl2OfStew_8DpxnfGBOO5u_TvVkYdhCgAXVq90fj6AykPVsp-0p3lAPmuOLDmXvh4-PgA652Va1ozygXEasa4JHPnxWCwuvhyIN8QwThxEcfLHZzh6nF5ztKu7x-gyTcpXriX9jK8aK1PCvq5d3mLFtCV7RaeDUJOlJR3Jtc5gKYwXHR_H16PZXbtkRfgofLV2vsXD1hNivleoFT-uFt8q8-bzJsOrWI5_HZhYuZLLP80TeuSC0pzg6hIt-WYQXRGW-zkmln3FpTxyszXhAiY_8AGewvFGKn586OK73GatbSGlFnSfQOnDM2dCRt8SZELfJJyDMuEB0MNSSlNKWPrqMHjhJ50_QoV5H8aBaCNgwdmT208pPFSLi9Hs4JszrmLn7e2aukVdrbexO17lhy0ktHnwoj1Zc2N5jiqBtxThViwYAJWACl27Fb_zePcKX8VeELb9Jcu1ta90Sb_65q-L_TMGzc83bbPsqgDaXN-evgnd_4U-pL2HD5D_y2ZPsmnG8-SeqeaaTHUl6C1miuaulP9Mn3PTjEI4pHmSaZnuEjnknPjJWBgCE1wQJ0yWVqlTqe_Q3Y91_nJKlEXv85DkTvQDUH5iP9R908ieQYHWmvQjpE6HJZxDV9F9ZnZVsfGRRMAfI2UJiCaVY5V0tcm4qtfQQqjJu9oGiRKLojAvc-BSn7h1DrASNkaYIQItx-hQWbk_VGe4rpAzCaneXak-KUztbm9Zcb2407psMJief9z5mRlRFG7fNPnpIU2dm_tuDV-ehTKbol9Em2UJgQpsRUv5vvavejLZVpd9hMIGbvsY54WF3GeaOBFhUTgxe5RFDXWuhB8Dw1l1yr_AH6Ls1buBs9YvpwSlyJzCA06Dbr5qZtzwKLWxm9iuvI6fZd7uCL8AJeRaArylpTpOjFUXMNi_1qKljAEvLwzXQ_8H2Cg4aE2qqUx3vgF6MWknXD7o8U_3ZirY9FmbudFl2AN0a1zp-GxMQhnKIeFb5lM5gcQPmYs5Y1XcsGWWoy0Zw1sn_nYrly8qmrgIEHAaaE8MHmdnhYVxkQWUX4qQ3QB0AYITeFCUvjxVnDBO25xguQjC6-Y_5wHhYO2seI6W0HAtHBbAKEhwYwoexGZk1fhivazhLOXjLKS8-C5xG1UtCM_pjW4i2EfpHJDPbHA845UN-Vq_mbSIZSMZACZn5Bxc9E12EvPj38ri55ANva8UCh-VrOslN8JQ0RMtr-Jl0_Lx1CA-i46jbyd_k3YO3m0LMg-avcLV3ukiZmFk7RDIY-xAT9HlW_Rq3Mf6WsqtICmTQ8d73kXmYmdDYIaiA-jtuYPaFNkYo7coO3ijHIP-di-GCBcgocNOZ8usen171eD902AcMG4uLzVle9dyKwywc8LaA20CQ97ElG8PL841IJ9qMvtM3MG7X50daMXPso5I7l6902JRwesyqNiAVirRuQaleWv_9S9-uMqvNGgbzJcmBUjH48MpvqhhoqFGTmAm072phdonWqyun6Pw6CupZWxGScTwzm6ZM2oI_FGX9OeGUj9WquwduENOdM0gku9rsmu2bseqVRT9hmy5x3mk5YEAmjjhz6kPCy7_27zgwzPP5FX3iOB8UjSx-vFXibBIanMZAduUv0XS29YaAW0FvJJZU4iE-iI05mm4M9awsENMC766rgNLJVps5C3XRO9aOBBgAqzJ-Ux13b8xjcC-_6T6BN6D4x0I3kRTCmOlp0F0legAMVnpYpLdQ8Di7DHuRCebB905OomknIfk2O_LhvMhvgfzrh0EGQVBhcYUFxF4jChafJm9wiKJHI69FFK0yH8kaQipm2MX1ucaXwkucyNP6k1ouTtxFKsToAf79J-jHMoDgfz9cWX2F8YOlJTC-xN8Ov-Qp4Bh7gDS78SwxNQ486utk2gmyslrejmmg4aH242tXSpUDs8mrWr7JyFGRlaoTbv2Daxscoj6fYBcsrRjbAS7fN8OpARKNDNHF--Gx1lodaSzRV6ne0sVVvgRiWOYGLEeGxkL0Rj-ysp9hboIIcRXbYFt3yfcMtJ63zQNialm8JdkOV0-S9HgyYwGZ_454n68kXTUvDacb7ftd-nlM0m3SaKd02GVt5Q-i0F_osRPFhBlnmLo6DQfxQssNVlCBSgflSoEtZesVYDFfSXnQUDPrM9V7r7l3g-ryrwaSDZ2roYIV6LEVsil7-r9kuY9gorY53OhjH_aVZBbi5M5-nWDY2v3iIiC7BRPz3LhqQv5mLVWOtGklKBioEEmrmD_biJ_pimnTzstAK0zv-mGEr_Li-Rsn_PQMt3iFLKw1M5-jLZDfL7qp6BRVZ9TGP2C9pEiPfD_BqDUs1wNZUn9UkkjATZY9K8r18coRQazICEj0okfBHSBwW5hTDNj7YaRPiGUTmZCFJ4L4On3ztNIt3lC76U_lNzLenXgF7Erey7zNKMZzx1XTzQrWsJHqhqlIJC4XUozTAQ-dRN5s7958DfxsrSXxmWUHXyhWMwuDx9VGamGiibpoQJ9J_9gD02Jb6I3im1fLdDSRkxgSqHkZrRGiIrssYp3AdgZLsWJADrtBl8P-BFvCXc8EuL-Rdr9WD20R9F_Qw0m_ZxvTf_B--fl2XsD42GRoKkEOiYUaZjB14aTtYIH2VtT80j7hocUXg55w1H0qThnpWz-8UuqcrCLEwWM-YeGrZdW8tOWw8W2WT6LKnJIA9mlGUcfpbBLV_Mr3XRthLn2MCL592wH1cTepaVLqYB62alOcfdNu3_SJRRYscnPsooij9dfD9WLRF18FTVfB4M4rB2CeiDiTOW801BopvHm9c7ZdG0IYLU817KAKbIEpJfbOOxVmrOIlYPzRbc9sy5hoxPwsTkj1iv&cid=CAQSTADUE5yml8zLTRc6PtY7KjblnbG1CfdETS6YCKJ_fRiHzN7RxYMSPzOVYVYN5yWk1-CgLvsxoSKzpf1uWI-MGzrMvx_R-jMlQLjacCAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=16794334381798205000&adk=250412560&idt=75&cac=0&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 14:30:09 GMT content-encoding br x-content-type-options nosniff age 71908 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3023 x-xss-protection 0 server cafe etag 4221495933888618527 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Mar 2023 14:30:09 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame 7138	28 KB 11 KB	12ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsOxIUK_3Ok4VGi2cX6yblRokjd80n6Iwbq4qZ48ECao_fegW1ICtX2BZruqQVam3ZXPGp8-FsQyKkcZK44cqVk3cEw&cry=1&dbm_d=AKAmf-AQyegEkbcd3-bYATSX-zcKvqIrnAR879QOw0C-10MGlOtchZcglaoBv_8Itliy_nJISGCAGXUYhlWaUWkuRMaiynGRyku9Kw2h_FtzBL4gxLiIz49tIfjKhPAOp9UwMO0GnbcCywuGCOPjA9ulKvTOSOxtimkyAcG9JK3zCKQ6t7lhtA-T1rQ0afNktl9rtdyq7O3Ab4m-m4eANdiTSgyn5M6KoyGqb4CuZXz_wPPJEbKmdIZ2nQfv5sO5o1bZUv3swoW-e1G_PnmIE1GTqfPHYantKk1tceZ-sexc7EPTgfPQ23ohswRmNzvK2YL3A01kXQ-aUgy7RH4OjNzC5HshTNDcFpjOhYqAtdDwGP4VnYDM702wmxJqolhwhZ1Felc1Zs48GjjUFNzUdYxayIYLVmBqc0mMm_-hj7upW-tphxhx1wqLx2Nev4afgOsasfDbi8904rBRSUjUbAz1ocYUe-Nkp6L56RmhAjU9fmTqCGiafUXzi_E8T1g4d2NN_bTtbpTaFbFS-7n0bgb0j7ikxflQo_EcHCRRVFArVze4vIMRbp87HLxujXpbwsnfhWHhRRpqWdLdn3Bd4mlUyE6RMo7HBd0sGBFCEo-wYHxUOPnxYBAnCokV0wHzk4NZe26As1Z4KCZ2kdZjX1vsyL_UmQxUxVwCwIUD9EjatEMnRoQPjDu2izJ62HGLG2nbNNKYvftVVN8zKP6dG9daOnbGfMgK4loEdnCVpb1V_Dapw-bv64QlbEAwiPmPNfAxNwcI4LLPxqRPPuOCplI-b4vloD7qD8czm1dPaRmr5YZDb6wmBlAmItdeqjrGVPMkkHahjIprsup9hdKdcyZhyIqhl2OfStew_8DpxnfGBOO5u_TvVkYdhCgAXVq90fj6AykPVsp-0p3lAPmuOLDmXvh4-PgA652Va1ozygXEasa4JHPnxWCwuvhyIN8QwThxEcfLHZzh6nF5ztKu7x-gyTcpXriX9jK8aK1PCvq5d3mLFtCV7RaeDUJOlJR3Jtc5gKYwXHR_H16PZXbtkRfgofLV2vsXD1hNivleoFT-uFt8q8-bzJsOrWI5_HZhYuZLLP80TeuSC0pzg6hIt-WYQXRGW-zkmln3FpTxyszXhAiY_8AGewvFGKn586OK73GatbSGlFnSfQOnDM2dCRt8SZELfJJyDMuEB0MNSSlNKWPrqMHjhJ50_QoV5H8aBaCNgwdmT208pPFSLi9Hs4JszrmLn7e2aukVdrbexO17lhy0ktHnwoj1Zc2N5jiqBtxThViwYAJWACl27Fb_zePcKX8VeELb9Jcu1ta90Sb_65q-L_TMGzc83bbPsqgDaXN-evgnd_4U-pL2HD5D_y2ZPsmnG8-SeqeaaTHUl6C1miuaulP9Mn3PTjEI4pHmSaZnuEjnknPjJWBgCE1wQJ0yWVqlTqe_Q3Y91_nJKlEXv85DkTvQDUH5iP9R908ieQYHWmvQjpE6HJZxDV9F9ZnZVsfGRRMAfI2UJiCaVY5V0tcm4qtfQQqjJu9oGiRKLojAvc-BSn7h1DrASNkaYIQItx-hQWbk_VGe4rpAzCaneXak-KUztbm9Zcb2407psMJief9z5mRlRFG7fNPnpIU2dm_tuDV-ehTKbol9Em2UJgQpsRUv5vvavejLZVpd9hMIGbvsY54WF3GeaOBFhUTgxe5RFDXWuhB8Dw1l1yr_AH6Ls1buBs9YvpwSlyJzCA06Dbr5qZtzwKLWxm9iuvI6fZd7uCL8AJeRaArylpTpOjFUXMNi_1qKljAEvLwzXQ_8H2Cg4aE2qqUx3vgF6MWknXD7o8U_3ZirY9FmbudFl2AN0a1zp-GxMQhnKIeFb5lM5gcQPmYs5Y1XcsGWWoy0Zw1sn_nYrly8qmrgIEHAaaE8MHmdnhYVxkQWUX4qQ3QB0AYITeFCUvjxVnDBO25xguQjC6-Y_5wHhYO2seI6W0HAtHBbAKEhwYwoexGZk1fhivazhLOXjLKS8-C5xG1UtCM_pjW4i2EfpHJDPbHA845UN-Vq_mbSIZSMZACZn5Bxc9E12EvPj38ri55ANva8UCh-VrOslN8JQ0RMtr-Jl0_Lx1CA-i46jbyd_k3YO3m0LMg-avcLV3ukiZmFk7RDIY-xAT9HlW_Rq3Mf6WsqtICmTQ8d73kXmYmdDYIaiA-jtuYPaFNkYo7coO3ijHIP-di-GCBcgocNOZ8usen171eD902AcMG4uLzVle9dyKwywc8LaA20CQ97ElG8PL841IJ9qMvtM3MG7X50daMXPso5I7l6902JRwesyqNiAVirRuQaleWv_9S9-uMqvNGgbzJcmBUjH48MpvqhhoqFGTmAm072phdonWqyun6Pw6CupZWxGScTwzm6ZM2oI_FGX9OeGUj9WquwduENOdM0gku9rsmu2bseqVRT9hmy5x3mk5YEAmjjhz6kPCy7_27zgwzPP5FX3iOB8UjSx-vFXibBIanMZAduUv0XS29YaAW0FvJJZU4iE-iI05mm4M9awsENMC766rgNLJVps5C3XRO9aOBBgAqzJ-Ux13b8xjcC-_6T6BN6D4x0I3kRTCmOlp0F0legAMVnpYpLdQ8Di7DHuRCebB905OomknIfk2O_LhvMhvgfzrh0EGQVBhcYUFxF4jChafJm9wiKJHI69FFK0yH8kaQipm2MX1ucaXwkucyNP6k1ouTtxFKsToAf79J-jHMoDgfz9cWX2F8YOlJTC-xN8Ov-Qp4Bh7gDS78SwxNQ486utk2gmyslrejmmg4aH242tXSpUDs8mrWr7JyFGRlaoTbv2Daxscoj6fYBcsrRjbAS7fN8OpARKNDNHF--Gx1lodaSzRV6ne0sVVvgRiWOYGLEeGxkL0Rj-ysp9hboIIcRXbYFt3yfcMtJ63zQNialm8JdkOV0-S9HgyYwGZ_454n68kXTUvDacb7ftd-nlM0m3SaKd02GVt5Q-i0F_osRPFhBlnmLo6DQfxQssNVlCBSgflSoEtZesVYDFfSXnQUDPrM9V7r7l3g-ryrwaSDZ2roYIV6LEVsil7-r9kuY9gorY53OhjH_aVZBbi5M5-nWDY2v3iIiC7BRPz3LhqQv5mLVWOtGklKBioEEmrmD_biJ_pimnTzstAK0zv-mGEr_Li-Rsn_PQMt3iFLKw1M5-jLZDfL7qp6BRVZ9TGP2C9pEiPfD_BqDUs1wNZUn9UkkjATZY9K8r18coRQazICEj0okfBHSBwW5hTDNj7YaRPiGUTmZCFJ4L4On3ztNIt3lC76U_lNzLenXgF7Erey7zNKMZzx1XTzQrWsJHqhqlIJC4XUozTAQ-dRN5s7958DfxsrSXxmWUHXyhWMwuDx9VGamGiibpoQJ9J_9gD02Jb6I3im1fLdDSRkxgSqHkZrRGiIrssYp3AdgZLsWJADrtBl8P-BFvCXc8EuL-Rdr9WD20R9F_Qw0m_ZxvTf_B--fl2XsD42GRoKkEOiYUaZjB14aTtYIH2VtT80j7hocUXg55w1H0qThnpWz-8UuqcrCLEwWM-YeGrZdW8tOWw8W2WT6LKnJIA9mlGUcfpbBLV_Mr3XRthLn2MCL592wH1cTepaVLqYB62alOcfdNu3_SJRRYscnPsooij9dfD9WLRF18FTVfB4M4rB2CeiDiTOW801BopvHm9c7ZdG0IYLU817KAKbIEpJfbOOxVmrOIlYPzRbc9sy5hoxPwsTkj1iv&cid=CAQSTADUE5yml8zLTRc6PtY7KjblnbG1CfdETS6YCKJ_fRiHzN7RxYMSPzOVYVYN5yWk1-CgLvsxoSKzpf1uWI-MGzrMvx_R-jMlQLjacCAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=16794334381798205000&adk=250412560&idt=75&cac=0&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 80e6e26c955ada308d43c0df95285ef1f9c3642bf45647a92eaa7aa7ccde1853 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 03:13:26 GMT content-encoding br x-content-type-options nosniff age 26111 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10964 x-xss-protection 0 server cafe etag 16728461614556933246 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 29 Mar 2023 03:13:26 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 7138	41 KB 15 KB	12ms 12ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 12:23:19 GMT content-encoding gzip x-content-type-options nosniff age 597918 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Mar 2024 12:23:19 GMT
GET DATA	200 OK	truncated / Frame 7138	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8e44d9cafd46fd1a713cdfe15cb439c483c32dabb4d766b571a6cfa8a66252f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 7214	22 KB 8 KB	12ms 12ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 329575 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 11 Mar 2023 14:55:42 GMT expires Sun, 10 Mar 2024 14:55:42 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/9240792065933956718/ Frame AF71	100 KB 23 KB	38ms 12ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9240792065933956718/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b961677c2259d951c369b7958acaf545d98224f20ae1c4c3914afd5e5826b498 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 523705 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 23378 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 09 Mar 2023 09:00:12 GMT expires Fri, 08 Mar 2024 09:00:12 GMT last-modified Wed, 31 Aug 2022 08:50:56 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7138	0 0	109ms 57ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQY7H-zhE_DtV8mmnTJdJsxYfQHPDU_RfJO6TsNVNJe9JmVKGhaG1stH1ykYgknVs1fsbUnOWam8osg-_yOfnpSw5biZlIZcPCWouBhL38TXs__PIr7HIZpCabBBiSXan9wJCSY4GzcZ8lADVmXviAHJXEP8YvPhFZj3IxJ2zS4MOC8s6ac3ujANse6xDEL3r-cDF0IkNRFlLyp7F1eYuA95sFSwertmDB5ET7XtiJAKzfIVCeYZwy5yfHtQJJui7_oTXVA4_CCmNgHeGFF0O7L-MAcgm3HRjVCog7F2iAzl5RK_mQft22V9nD6Et0ODPK3F_WFKjBd2VShSJbCrZFEJX_k0byE9EL3YguceRWJ0XzcNnZ_tnWprzfovF6OoKzNHBEUB6-o2u3aCXQQc1Z9KupPX2_Tqx_zHpVXJ3GczQNqKEFokMtU0mHywE7uJKscU6KAv_-0FEPzWBc8WHsF6VkS4yRmdPVys0ymW8FWbUAnetuz7UxvRxg5k2s_e7eeEvsckdIJkMAeeaALe4-JyLAqwG9ZbXWRKw4t7RmO-5zlAmSGJbM19kV91KzNNvhbkO00zhjQpYgvSfMpCikIehjBjNgmFBX4KFTD85LSfRK4zjbl6cd1y1yGAHZGiO6pzq4b4bmR7END2DZwzqIEKzhURUDNSq9qIy6lWf2o2wff1_NMTKnGToU7PPg7uDVchhytjpYwcn6GJBOxVfYIV8NlW9tuepJ3aUX-12XXWVvlOR0tqBzmDj69OMmVHJ19SUVUUW-n-hcixWkONg0ujhJin7dQ1Hpuhfsrsp9iQ7dtuTzTdX-ahLy_iPc0W4y_jv6BX8hx8oHkp_FZ8RZ_lWCwUuzv0r4Q1MRxcMGNKIL6oa1PBtneaHC9tu_WRtNx8GuViRD50RAKXlCPpW0p6a29S3p62sBD5zTA6_A1ECIezctE7-XAyuVjtwJ7hUZffqKeZyBrgW7v8i9DimiTgsA1F8QaW-zDnYwN5y_B1gaPTngS8hMs2tWCuzeu8deSa8t_b3jK5H0aCZ9c6xXEHdbKNW-He3JKB98VeQ37TvOvTB4dYWLrTQHYbm3d6mDxFU2OnDCMrR95O7ex4grig-qdkkvaIEcfV6XCZt5Tjw-vMBomqOEkRrqT8uRTFZ8PB7cai6yRT7yqzyjxvFAWAdVHwT4hGme7YEVq8jrO8ynPZ10l80dTtMLA5Egy9oMNK-5pWLNKexhgMlIdQ3atgfHw_2ppkG0c55SYINEyOpThUkDDU9f7-okF0OTeNAObAk&sai=AMfl-YTDWNB_ujEoawfZMYfND0pOztiWXYWJTEItlrdjwd3jWkdw1E_sy0N-fcbz0RUiVzsZfFHhr5K_m5MgrLDl_CMMcb4tsc-j4JYunZjhIEKVvhJX8waSZBpU2sDu4TGwpqx84l-UCEndmvXLrcH3-ldlAd884Vdj-d5LvttXSEeMozHKpWysZAc8y6Ll3rqpA_Th_uvwKmFKTmy2wAYBppWUj7eeFvHRR1xJ4_2uixWhv7eeQ9kpCKQ2o4ApZ7G8I5rdqeKOE157ZhUaNQtUj6i9m2a-Ndk_QM3w&sig=Cg0ArKJSzNUOith_c0MQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=89&cisv=r20230313.52041&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 15 Mar 2023 10:28:37 GMT
GET H2	200	/ track.adform.net/adfserve/ Frame 7138 Redirect Chain https://track.adform.net/adfserve/?bn=57168254;1x1inv=1;srctype=3;ord=2614447395 https://track.adform.net/adfserve/?CC=1&bn=57168254;1x1inv=1;srctype=3;ord=2614447395	35 B 519 B	30ms 30ms	Image image/gif	37.157.4.28 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/adfserve/?CC=1&bn=57168254;1x1inv=1;srctype=3;ord=2614447395 Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1 Redirect headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://track.adform.net/adfserve/?CC=1&bn=57168254;1x1inv=1;srctype=3;ord=2614447395 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H3	200	sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response pagead2.googlesyndication.com/bg/ Frame 7214	36 KB 14 KB	12ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 09:28:59 GMT content-encoding br x-content-type-options nosniff age 262778 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14292 x-xss-protection 0 last-modified Mon, 06 Mar 2023 11:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 11 Mar 2024 09:28:59 GMT
GET H3	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame AF71	29 KB 10 KB	12ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9240792065933956718/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9240792065933956718/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 11:55:19 GMT content-encoding gzip x-content-type-options nosniff age 81198 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 11:55:19 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7138	0 0	49ms 49ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQY7H-zhE_DtV8mmnTJdJsxYfQHPDU_RfJO6TsNVNJe9JmVKGhaG1stH1ykYgknVs1fsbUnOWam8osg-_yOfnpSw5biZlIZcPCWouBhL38TXs__PIr7HIZpCabBBiSXan9wJCSY4GzcZ8lADVmXviAHJXEP8YvPhFZj3IxJ2zS4MOC8s6ac3ujANse6xDEL3r-cDF0IkNRFlLyp7F1eYuA95sFSwertmDB5ET7XtiJAKzfIVCeYZwy5yfHtQJJui7_oTXVA4_CCmNgHeGFF0O7L-MAcgm3HRjVCog7F2iAzl5RK_mQft22V9nD6Et0ODPK3F_WFKjBd2VShSJbCrZFEJX_k0byE9EL3YguceRWJ0XzcNnZ_tnWprzfovF6OoKzNHBEUB6-o2u3aCXQQc1Z9KupPX2_Tqx_zHpVXJ3GczQNqKEFokMtU0mHywE7uJKscU6KAv_-0FEPzWBc8WHsF6VkS4yRmdPVys0ymW8FWbUAnetuz7UxvRxg5k2s_e7eeEvsckdIJkMAeeaALe4-JyLAqwG9ZbXWRKw4t7RmO-5zlAmSGJbM19kV91KzNNvhbkO00zhjQpYgvSfMpCikIehjBjNgmFBX4KFTD85LSfRK4zjbl6cd1y1yGAHZGiO6pzq4b4bmR7END2DZwzqIEKzhURUDNSq9qIy6lWf2o2wff1_NMTKnGToU7PPg7uDVchhytjpYwcn6GJBOxVfYIV8NlW9tuepJ3aUX-12XXWVvlOR0tqBzmDj69OMmVHJ19SUVUUW-n-hcixWkONg0ujhJin7dQ1Hpuhfsrsp9iQ7dtuTzTdX-ahLy_iPc0W4y_jv6BX8hx8oHkp_FZ8RZ_lWCwUuzv0r4Q1MRxcMGNKIL6oa1PBtneaHC9tu_WRtNx8GuViRD50RAKXlCPpW0p6a29S3p62sBD5zTA6_A1ECIezctE7-XAyuVjtwJ7hUZffqKeZyBrgW7v8i9DimiTgsA1F8QaW-zDnYwN5y_B1gaPTngS8hMs2tWCuzeu8deSa8t_b3jK5H0aCZ9c6xXEHdbKNW-He3JKB98VeQ37TvOvTB4dYWLrTQHYbm3d6mDxFU2OnDCMrR95O7ex4grig-qdkkvaIEcfV6XCZt5Tjw-vMBomqOEkRrqT8uRTFZ8PB7cai6yRT7yqzyjxvFAWAdVHwT4hGme7YEVq8jrO8ynPZ10l80dTtMLA5Egy9oMNK-5pWLNKexhgMlIdQ3atgfHw_2ppkG0c55SYINEyOpThUkDDU9f7-okF0OTeNAObAk&sai=AMfl-YTDWNB_ujEoawfZMYfND0pOztiWXYWJTEItlrdjwd3jWkdw1E_sy0N-fcbz0RUiVzsZfFHhr5K_m5MgrLDl_CMMcb4tsc-j4JYunZjhIEKVvhJX8waSZBpU2sDu4TGwpqx84l-UCEndmvXLrcH3-ldlAd884Vdj-d5LvttXSEeMozHKpWysZAc8y6Ll3rqpA_Th_uvwKmFKTmy2wAYBppWUj7eeFvHRR1xJ4_2uixWhv7eeQ9kpCKQ2o4ApZ7G8I5rdqeKOE157ZhUaNQtUj6i9m2a-Ndk_QM3w&sig=Cg0ArKJSzNUOith_c0MQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=172&vt=11&dtpt=79&dett=3&cstd=89&cisv=r20230313.52041&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 15 Mar 2023 10:28:37 GMT
GET H3	200	cta-hover.svg s0.2mdn.net/sadbundle/9240792065933956718/ Frame AF71	5 KB 1 KB	13ms 13ms	Image image/svg+xml	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9240792065933956718/cta-hover.svg Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2cc8907280ef84deb7d0b1f9e75ef539f19bb83b457500338f0d54753bf2540 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9240792065933956718/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 10:45:08 GMT content-encoding gzip x-content-type-options nosniff age 603809 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1368 x-xss-protection 0 last-modified Wed, 31 Aug 2022 08:50:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 07 Mar 2024 10:45:08 GMT
GET H3	200	cta.svg s0.2mdn.net/sadbundle/9240792065933956718/ Frame AF71	5 KB 1 KB	17ms 16ms	Image image/svg+xml	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9240792065933956718/cta.svg Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc1e7b115cf9262d384f8ad4d2507af79b8f003cb7f5952e8b63bd0dedb61d95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9240792065933956718/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 09:00:13 GMT content-encoding gzip x-content-type-options nosniff age 437304 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1369 x-xss-protection 0 last-modified Wed, 31 Aug 2022 08:50:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 09 Mar 2024 09:00:13 GMT
GET H3	200	h1.svg s0.2mdn.net/sadbundle/9240792065933956718/ Frame AF71	9 KB 3 KB	17ms 16ms	Image image/svg+xml	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9240792065933956718/h1.svg Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e95d6c075497a5422a1d7fcb8b174dd09fd8b496e48d821294808babe1b8772 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9240792065933956718/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 10:45:08 GMT content-encoding gzip x-content-type-options nosniff age 603809 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2539 x-xss-protection 0 last-modified Wed, 31 Aug 2022 08:50:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 07 Mar 2024 10:45:08 GMT
GET H3	200	Asset_1.svg s0.2mdn.net/sadbundle/9240792065933956718/ Frame AF71	37 KB 26 KB	14ms 13ms	Image image/svg+xml	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9240792065933956718/Asset_1.svg Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5530b77eb96e2c17118058d2c39e4e7d3bbaa1417f4297ee85a33d2a05639120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9240792065933956718/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 10:45:08 GMT content-encoding gzip x-content-type-options nosniff age 603809 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26126 x-xss-protection 0 last-modified Wed, 31 Aug 2022 08:50:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 07 Mar 2024 10:45:08 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7214	0 20 B	50ms 50ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtOTS1Z0RZIfgBPD67_UP9POWkAwAAAAAOAHgBAI&bg=!FxSlFEDNAAZKh9k7aoc7ADkAdvg8WqK15VeioMR4_XRJI4RPsyf69xMWSSLK6JO2DkxxGWeNmUKRuCxvzfMh5J84bMD4JtBrWS8CAAAAbFIAAAACaAEHCgBUvSCFlwvPx-FRwRUeCmNUG3g3OUuWHa261fZsh366jOKxkSsWenAUpygMM980BxvICxBeBBqY4NmHNs9ISPfOVFjzIxiVhlpqIxLsPTbYSLt_Rw3OmQL6DQGOiZUjx_5oRbrmRECsIwZckycA6um0ChWTFAmqDdZdjFzv3_nBes8vgC6enuqDEtfI_LR1kFzl-c5g8ZJYU9wTSxrNRG2OfukJBq6HJeEMk715VCD0-sksVYmMImBi0ncCJP9RB4lCtTgIFSMhI_tF1p55juUYd_3uZhiU7Y4H00VwNsEv3RzmLn2j5dD5dnwF8-eBcjO_79BYg6tVpQCPpUrHHfLBGvH9djrKnVr6f5HGtVSiBOdOeVSjARXrHerWIJhD5ORaWtoZluB4X0Hy_XlpE-FEM7V3w8aOB65jxMsSyM6MXoStfZcQCAfuEY4bqt3yMLnQdiwH0T4KsyiZOBKNS1iH0ZI8SgKjjHymVBEySw6ovtBnP68cLzBjMWCr0P-x_EUhDCogo8j1wilxXuHKGcg7Tf7fEkDyI_sE4CHJpbmReCeoz48meQilfuZIUIwZkFzrH4hE_9w_s92Se8C0JI6CTe3KykTtcnRMPZXECNCK3GGwT9kyDTlZ3Y9PyKBQ87ZVUzwnWNIBkJUbhEK27j120uaeU2baDFm3RxEALiG3_1KFnkK32Gbi5yTsd2NG9xbGMn1SMScxe41MR3bf_V9ol4fNRLWsfQJBLGObTKYK1kSm2rjl-qM1dFJf5DPC0LVvKyvss1BkD_2nXiAof7Q13c2LlZBfbH3MAogKJPHJfB0mNKWe5gOxUtlny7FyRgwxGGMnjP-BBjBgOoujqAdkwHhHWfuyPv9lQZS7BqbHuEZGEBVtRH9d6AqpCni3CSYAj_bPabNo0M6ND0gExYGkSm6hnlLF7cd2iJQa94rBXcjFTMmgw-63m69cBzzLIEThZO91901bZQrPOGJeKKOPAKD1rqgvs9mWwbmbAOHCqN1VHQSyKE-58R8kQvBHvWTKSxUn_LijwRtjPWkpyra5jXiDUNoTeuw1gLrhNoNrfS_W-LIqwjtteMaT_28NQqpgzERZkbeDc7KuT8To-QU95w-FcF5paH4aTfW39Pw1XNhS Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5797	0 20 B	46ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5721240424975&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5797	0 20 B	46ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5721240424975&version=m202301230201&ct=76&x=1&cor=12201777621400467000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 5797	88 KB 36 KB	62ms 62ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD1yeG4P3V8CH6n1q4F-Y57xAkegrlye5ufFaUEq96OfgXPk5RRt0fy8ro_rzPzDZuswcT7bKJLlp_bsQPRKPM56j3r2_eJYyZYSrA6HCPAG7Ushk&cry=1&dbm_d=AKAmf-D_-GJrsdOWJiCx49gXDBl7aojErDP6tQSpxMlpBtCoDyDtt391B_G9pi5xPmWJ04Zpujw_xPmKbZ9eDzIG8koW-2DsUaZllwJR-7kdqU9BT-1P9kiptYnBu6l_1uBSGYbnVfuvhRmi64s6SfVbxPy-gysUcufsrm4Be6uDP0I9skU_SGfqgFqJorOF_Lhlh2qg4_TtCDr2xgprH-XKLefUaBPyXM0cRDhL7jGcBpOe8thnmCVPqp8RqsKWmOC2TQvFAXTZpbhYLBrDZIIpJDQXQbrhUxeErTH-hYmBe2HCBFCB5nq1sdPqOshy7z68nVvXmJPRo-xhguy8CEGpTVOeirq3K9qjaafc9-ZbSKTT0RVl-msWzclKeqaQU66H6BZLXvJD8XeA9wf-vyNtlqs6Pgc5Men8Ws1NVyOMWejTzh_3Pgdf8OyFjFVSmGoZRwkEYFJHbchdTMixXNuPQt3q_JdQSAjVxu2hGkUvJzZI59fQsHLLsyCf6EgAVq-cf4VTUWRFuXIG-ViJoEKEJFc9Nr3IjrgJnneICdA9UcsS1ZWzQDtGapvR3dqRbCVl88zg4O-vUQyy6D6FhictYHjVCrVe_c2EQGfpIHV9TRRT77twB4IsxwCrIzA1hIpKSxNuk26hJHsMWIvSRA0hQ0jn18E7QEbQIEqg5nXk6wv2G4ER51fnONOE-XW0qNBYkpPgeK4EvXaJpmgCUgMLRqijVa_YDqZZEoReqG3CDiNxGp0RfWLVGDA3ilpJSd5j3ij1yq9f1oNqx32JXeXE26KSs5mS6pb3kscx_qXSGKothGhhRWU4O4-LYwxvbBetcwcLC10ZzMO8spsbbHGD2rghptPkO_w1sPZhq2i15de_NIGGIYGlbHcpMIjmDxf1kke4v7Cqma14Z-jKPNGDwsolgThX3c-LIvsiFRm8ZNRmMFkEY3uL1LucLOGzqPldpDAT9gNv1bsPlL_4tqQA3jj9isZhG7V4cnGNqczmmD96f94xcZQZQVz9USHAm1d-V7Up_2DRMSI7Wo3TxBQ25U54B1gh3PdSTpbngQiEK1lCC1iKCv_v6EkX5q-bo2Km22vFsdpTnEctkfxZrcYC2XRkS9iaohL6xwfOr_9MUh5fL-91IVD_eTnWsSplXNNhYqSFcA-MF05sVFYZp9WeYyaOLBmBsghq5z0V8bULSU3KakbLiGyquwArGpCxMlQlURMqGMcc-gtDA-0OgUb8a02UEUENbjB45Co2f_gxJMEegCQho_B5opRLybY9DEYkC88WOvQjaF-LrxzuvFta5jf3fem5O85oZUubEe73VZtmcXz9g8EQSHTzRbVrgPryrH2Bx9rL5bBQ86MxPYghkmEgDptwBUqWi6rFKYVbkUPYSUMhH_zhZEs9rux-4zH3ovhideircwBXQHixVuHOUF31XBGVFD52M49QkUqzHnG3stCZxNPgt2Oh_hu_EJ1IXbSsime18e4ayJ32oDRAdN2-gKHl0PCrNbYUQlgyqUilYkdAffTUU6TXE7ex4W_6tiSh6norfHwMiabL1j2gSnMYFuz6o5I4kk-DcCLTamgwOslixCyA_busEw2V_vHxNnFWb2KK8j-O15FCGOCsa_3nzkR97UkH1kMXgCjcWqLHmNx6dZjSxmQGFRGDDaDCdO_8LBiY2-M-uqXzuQfwrFH2pIWU-MoM7-A_gVLZ26PCp-GC3TUyg4zEGVnmLqlVotDYhbxUHH0tmkEKmicZdRbqQZJr60_nh1-sWOTq5YRW3rsLgbB7cyZK0fL2TaGnYz293lKJz2Op7SXl3rkwM4hWNYrLA1ybvlA8NcrpCZz332W2RDnYevM_2MxN-PZ0JASId5XCGtN5btZAadqMHPKLb0EJ66mcS6VruzmYAgs5SAZunHyFhJ9hdbtw1xU7hzfUzHCa14FPwjy9nZJPxH_gd9oc62tDDxP9dWDmD-8TImD4xjYPm9BbNcBtGSjvkJ7DHz-QLgIQM4-EAkOAsjq6LPetMgM4wBaMyZW6IRaFcOKGQYoIUcd_bytJJdVocPCZ8WPeLLYKVT6iznBiPaCj1eUqNkHam-M-fd6-oz7K4gOEcE3XdJ_h7g6AIUeUeVw7yEMvtZvM1LAHNzl2mcp81Ll2hkS_J9QUpEm6wED7a8H7DhY5XpPjaExHVQHtnnmXjcVKY--Lj-B3t6TZEHe0oar2Dk28JfAH8IFsmfXMBGXAEgVyBius8bmwi9IyvWZduDEPzLEM-WWme3OfTCRpKU-I2tBeghnWTb6rQj27DdcRuSUaaXwEz8t2Mzaq_n6Tq6ym9Hvizb7antBvCTbaoJDQYITMnJ4n-tljpprlcnx6OFK9De8sEPx_nXYkTwaTZqjXhEHL4n2x1Kr3pPgyj9P32-KfxYE4af5xVMfxlfTMtXInMcgcFQVDTPGBifLdbj4W9L8mDoTaXHK3ZIvTOofiJwoacShSykeSZLezPmBl4bShAcbUz1NmFs0QKCbLDY2I8QQe_VwZ8dLJRa15gIonQJO7rbEGKgUlo1EWWNGQQtr6IIsu3ffgxFrNviGD_mr1df9Bzym6aNfirOgSenoBjU2q_Hn54xFUwBzrkv8UlXPZ61-Lae4xHvb4xlj_nL0DlgA_J1SLg0JOaGzye-rU_3vlw1WwRIWMW09kYxgfvu_dDvv7iqfT_FZ6x_tkwMBANUX3EE6UCMKK97nbcprDgeiefebq3_Hu1olYDZ-SZJoBbSrXr4gi5AwIscHeA7B_PDjcj98JU4RfRmBIcEu-EQvEflLjz9BNov-jz4u9vO-F_02bemBcsdAPSPmNuTIsNaJipk5jBDJSgMT0h58EsDhs5HmPEv3AY2uVIOhSVAeZJFdvS0vRTah8KE-rBRO5Wh1bLN3fYhGNNJPy3vMmGB3eBjPSrJgCo105UMJG4v456046kWzSUiXbkdFfAfCXapqB-hl5KLRek30dgQ7ZMtFFJpf3GyeeWvIf_w0DTU2UzojLF43oqxawvlPgheI5UaeL7xE71pGwR5K2Q73Zp8LZ5kzlJt84YEwFrv5R9DkIIJQ4CBnxKAmby3YtQ2wmQngcLv8YFRYg5_0ypuXySqb1XI-2539ABUmejr3M34EHehVlLe9anBbZP7jlVmQHz3zTs_0tOTwd-aHCfRQZxjot5kueDLJ384MXjePeKDcgGDqwRrQ1pENh61hqImCM9hMJev8IQgolxNsVXy9tcC-ei7YbwjLkOUGSinTtyPdJ3Q0z0fU24DgkmFzuZzTYc7cEU8w4UZOz-GT5o9WdAYdPHS7Ufto8rHXWE_F3urLa8ty0lSoY1gCk4_euv3cm0T_konYUjMGJneFVoH04ZMz_fg_8-TRqQp-ouG7nSuUhtT499AfGma5MzCrcD-Zrpj7X1UtAgyyb7JO499spZa-uxlEX37q-rOcAivTfLNYu1XM5p9KIQuTp9Az3YUR6eJDsY4T919L_fPGipa7MMnUoutAgCDIc1iFsG5WjnZ8iJREyOud0jKYZp-HUF6i5wU2z9MdgJb-1shhDV4CeeF0AW4Y1KFQsflYN9NPLuAiM32GadHWRVNmzjdI9xBtWLZg7lYQD3bfRm--lOx94jwkoZhSmB58ExBg3dPaGTQyYA3VaPxZPi7rNy9MNksx_CQLml7QiQ4yWJMPixlmFPn38Hf0TdUJEkGtFU19WG8VU2B2FmYmEjckqb8-tn3zyQgTqV2ly6LjuUAwU7HBCrQ&cid=CAQSSwDUE5ymbo8Zv6tSHJ6kO0r0wMpbo7p7BZp8prfmc_798aXNLA6z8mQi0vz25JVPmpaNfkb0Ja5Zi-BQF-u040gdFKsKQFakbV5jPxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=12201777621400467000&adk=2923430907&idt=996&cac=0&dtd=5 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f36ee8b76d4db9bf8543c538fb77636f347475966feb48d5208c06560f02d6f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36929 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 5797	170 KB 59 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Origin https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 12:23:22 GMT content-encoding gzip x-content-type-options nosniff age 79515 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60311 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:25 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 12:23:22 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/ Frame 5797	8 KB 3 KB	13ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD1yeG4P3V8CH6n1q4F-Y57xAkegrlye5ufFaUEq96OfgXPk5RRt0fy8ro_rzPzDZuswcT7bKJLlp_bsQPRKPM56j3r2_eJYyZYSrA6HCPAG7Ushk&cry=1&dbm_d=AKAmf-D_-GJrsdOWJiCx49gXDBl7aojErDP6tQSpxMlpBtCoDyDtt391B_G9pi5xPmWJ04Zpujw_xPmKbZ9eDzIG8koW-2DsUaZllwJR-7kdqU9BT-1P9kiptYnBu6l_1uBSGYbnVfuvhRmi64s6SfVbxPy-gysUcufsrm4Be6uDP0I9skU_SGfqgFqJorOF_Lhlh2qg4_TtCDr2xgprH-XKLefUaBPyXM0cRDhL7jGcBpOe8thnmCVPqp8RqsKWmOC2TQvFAXTZpbhYLBrDZIIpJDQXQbrhUxeErTH-hYmBe2HCBFCB5nq1sdPqOshy7z68nVvXmJPRo-xhguy8CEGpTVOeirq3K9qjaafc9-ZbSKTT0RVl-msWzclKeqaQU66H6BZLXvJD8XeA9wf-vyNtlqs6Pgc5Men8Ws1NVyOMWejTzh_3Pgdf8OyFjFVSmGoZRwkEYFJHbchdTMixXNuPQt3q_JdQSAjVxu2hGkUvJzZI59fQsHLLsyCf6EgAVq-cf4VTUWRFuXIG-ViJoEKEJFc9Nr3IjrgJnneICdA9UcsS1ZWzQDtGapvR3dqRbCVl88zg4O-vUQyy6D6FhictYHjVCrVe_c2EQGfpIHV9TRRT77twB4IsxwCrIzA1hIpKSxNuk26hJHsMWIvSRA0hQ0jn18E7QEbQIEqg5nXk6wv2G4ER51fnONOE-XW0qNBYkpPgeK4EvXaJpmgCUgMLRqijVa_YDqZZEoReqG3CDiNxGp0RfWLVGDA3ilpJSd5j3ij1yq9f1oNqx32JXeXE26KSs5mS6pb3kscx_qXSGKothGhhRWU4O4-LYwxvbBetcwcLC10ZzMO8spsbbHGD2rghptPkO_w1sPZhq2i15de_NIGGIYGlbHcpMIjmDxf1kke4v7Cqma14Z-jKPNGDwsolgThX3c-LIvsiFRm8ZNRmMFkEY3uL1LucLOGzqPldpDAT9gNv1bsPlL_4tqQA3jj9isZhG7V4cnGNqczmmD96f94xcZQZQVz9USHAm1d-V7Up_2DRMSI7Wo3TxBQ25U54B1gh3PdSTpbngQiEK1lCC1iKCv_v6EkX5q-bo2Km22vFsdpTnEctkfxZrcYC2XRkS9iaohL6xwfOr_9MUh5fL-91IVD_eTnWsSplXNNhYqSFcA-MF05sVFYZp9WeYyaOLBmBsghq5z0V8bULSU3KakbLiGyquwArGpCxMlQlURMqGMcc-gtDA-0OgUb8a02UEUENbjB45Co2f_gxJMEegCQho_B5opRLybY9DEYkC88WOvQjaF-LrxzuvFta5jf3fem5O85oZUubEe73VZtmcXz9g8EQSHTzRbVrgPryrH2Bx9rL5bBQ86MxPYghkmEgDptwBUqWi6rFKYVbkUPYSUMhH_zhZEs9rux-4zH3ovhideircwBXQHixVuHOUF31XBGVFD52M49QkUqzHnG3stCZxNPgt2Oh_hu_EJ1IXbSsime18e4ayJ32oDRAdN2-gKHl0PCrNbYUQlgyqUilYkdAffTUU6TXE7ex4W_6tiSh6norfHwMiabL1j2gSnMYFuz6o5I4kk-DcCLTamgwOslixCyA_busEw2V_vHxNnFWb2KK8j-O15FCGOCsa_3nzkR97UkH1kMXgCjcWqLHmNx6dZjSxmQGFRGDDaDCdO_8LBiY2-M-uqXzuQfwrFH2pIWU-MoM7-A_gVLZ26PCp-GC3TUyg4zEGVnmLqlVotDYhbxUHH0tmkEKmicZdRbqQZJr60_nh1-sWOTq5YRW3rsLgbB7cyZK0fL2TaGnYz293lKJz2Op7SXl3rkwM4hWNYrLA1ybvlA8NcrpCZz332W2RDnYevM_2MxN-PZ0JASId5XCGtN5btZAadqMHPKLb0EJ66mcS6VruzmYAgs5SAZunHyFhJ9hdbtw1xU7hzfUzHCa14FPwjy9nZJPxH_gd9oc62tDDxP9dWDmD-8TImD4xjYPm9BbNcBtGSjvkJ7DHz-QLgIQM4-EAkOAsjq6LPetMgM4wBaMyZW6IRaFcOKGQYoIUcd_bytJJdVocPCZ8WPeLLYKVT6iznBiPaCj1eUqNkHam-M-fd6-oz7K4gOEcE3XdJ_h7g6AIUeUeVw7yEMvtZvM1LAHNzl2mcp81Ll2hkS_J9QUpEm6wED7a8H7DhY5XpPjaExHVQHtnnmXjcVKY--Lj-B3t6TZEHe0oar2Dk28JfAH8IFsmfXMBGXAEgVyBius8bmwi9IyvWZduDEPzLEM-WWme3OfTCRpKU-I2tBeghnWTb6rQj27DdcRuSUaaXwEz8t2Mzaq_n6Tq6ym9Hvizb7antBvCTbaoJDQYITMnJ4n-tljpprlcnx6OFK9De8sEPx_nXYkTwaTZqjXhEHL4n2x1Kr3pPgyj9P32-KfxYE4af5xVMfxlfTMtXInMcgcFQVDTPGBifLdbj4W9L8mDoTaXHK3ZIvTOofiJwoacShSykeSZLezPmBl4bShAcbUz1NmFs0QKCbLDY2I8QQe_VwZ8dLJRa15gIonQJO7rbEGKgUlo1EWWNGQQtr6IIsu3ffgxFrNviGD_mr1df9Bzym6aNfirOgSenoBjU2q_Hn54xFUwBzrkv8UlXPZ61-Lae4xHvb4xlj_nL0DlgA_J1SLg0JOaGzye-rU_3vlw1WwRIWMW09kYxgfvu_dDvv7iqfT_FZ6x_tkwMBANUX3EE6UCMKK97nbcprDgeiefebq3_Hu1olYDZ-SZJoBbSrXr4gi5AwIscHeA7B_PDjcj98JU4RfRmBIcEu-EQvEflLjz9BNov-jz4u9vO-F_02bemBcsdAPSPmNuTIsNaJipk5jBDJSgMT0h58EsDhs5HmPEv3AY2uVIOhSVAeZJFdvS0vRTah8KE-rBRO5Wh1bLN3fYhGNNJPy3vMmGB3eBjPSrJgCo105UMJG4v456046kWzSUiXbkdFfAfCXapqB-hl5KLRek30dgQ7ZMtFFJpf3GyeeWvIf_w0DTU2UzojLF43oqxawvlPgheI5UaeL7xE71pGwR5K2Q73Zp8LZ5kzlJt84YEwFrv5R9DkIIJQ4CBnxKAmby3YtQ2wmQngcLv8YFRYg5_0ypuXySqb1XI-2539ABUmejr3M34EHehVlLe9anBbZP7jlVmQHz3zTs_0tOTwd-aHCfRQZxjot5kueDLJ384MXjePeKDcgGDqwRrQ1pENh61hqImCM9hMJev8IQgolxNsVXy9tcC-ei7YbwjLkOUGSinTtyPdJ3Q0z0fU24DgkmFzuZzTYc7cEU8w4UZOz-GT5o9WdAYdPHS7Ufto8rHXWE_F3urLa8ty0lSoY1gCk4_euv3cm0T_konYUjMGJneFVoH04ZMz_fg_8-TRqQp-ouG7nSuUhtT499AfGma5MzCrcD-Zrpj7X1UtAgyyb7JO499spZa-uxlEX37q-rOcAivTfLNYu1XM5p9KIQuTp9Az3YUR6eJDsY4T919L_fPGipa7MMnUoutAgCDIc1iFsG5WjnZ8iJREyOud0jKYZp-HUF6i5wU2z9MdgJb-1shhDV4CeeF0AW4Y1KFQsflYN9NPLuAiM32GadHWRVNmzjdI9xBtWLZg7lYQD3bfRm--lOx94jwkoZhSmB58ExBg3dPaGTQyYA3VaPxZPi7rNy9MNksx_CQLml7QiQ4yWJMPixlmFPn38Hf0TdUJEkGtFU19WG8VU2B2FmYmEjckqb8-tn3zyQgTqV2ly6LjuUAwU7HBCrQ&cid=CAQSSwDUE5ymbo8Zv6tSHJ6kO0r0wMpbo7p7BZp8prfmc_798aXNLA6z8mQi0vz25JVPmpaNfkb0Ja5Zi-BQF-u040gdFKsKQFakbV5jPxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=12201777621400467000&adk=2923430907&idt=996&cac=0&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 14:30:09 GMT content-encoding br x-content-type-options nosniff age 71908 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3023 x-xss-protection 0 server cafe etag 4221495933888618527 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Mar 2023 14:30:09 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame 5797	28 KB 11 KB	15ms 14ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD1yeG4P3V8CH6n1q4F-Y57xAkegrlye5ufFaUEq96OfgXPk5RRt0fy8ro_rzPzDZuswcT7bKJLlp_bsQPRKPM56j3r2_eJYyZYSrA6HCPAG7Ushk&cry=1&dbm_d=AKAmf-D_-GJrsdOWJiCx49gXDBl7aojErDP6tQSpxMlpBtCoDyDtt391B_G9pi5xPmWJ04Zpujw_xPmKbZ9eDzIG8koW-2DsUaZllwJR-7kdqU9BT-1P9kiptYnBu6l_1uBSGYbnVfuvhRmi64s6SfVbxPy-gysUcufsrm4Be6uDP0I9skU_SGfqgFqJorOF_Lhlh2qg4_TtCDr2xgprH-XKLefUaBPyXM0cRDhL7jGcBpOe8thnmCVPqp8RqsKWmOC2TQvFAXTZpbhYLBrDZIIpJDQXQbrhUxeErTH-hYmBe2HCBFCB5nq1sdPqOshy7z68nVvXmJPRo-xhguy8CEGpTVOeirq3K9qjaafc9-ZbSKTT0RVl-msWzclKeqaQU66H6BZLXvJD8XeA9wf-vyNtlqs6Pgc5Men8Ws1NVyOMWejTzh_3Pgdf8OyFjFVSmGoZRwkEYFJHbchdTMixXNuPQt3q_JdQSAjVxu2hGkUvJzZI59fQsHLLsyCf6EgAVq-cf4VTUWRFuXIG-ViJoEKEJFc9Nr3IjrgJnneICdA9UcsS1ZWzQDtGapvR3dqRbCVl88zg4O-vUQyy6D6FhictYHjVCrVe_c2EQGfpIHV9TRRT77twB4IsxwCrIzA1hIpKSxNuk26hJHsMWIvSRA0hQ0jn18E7QEbQIEqg5nXk6wv2G4ER51fnONOE-XW0qNBYkpPgeK4EvXaJpmgCUgMLRqijVa_YDqZZEoReqG3CDiNxGp0RfWLVGDA3ilpJSd5j3ij1yq9f1oNqx32JXeXE26KSs5mS6pb3kscx_qXSGKothGhhRWU4O4-LYwxvbBetcwcLC10ZzMO8spsbbHGD2rghptPkO_w1sPZhq2i15de_NIGGIYGlbHcpMIjmDxf1kke4v7Cqma14Z-jKPNGDwsolgThX3c-LIvsiFRm8ZNRmMFkEY3uL1LucLOGzqPldpDAT9gNv1bsPlL_4tqQA3jj9isZhG7V4cnGNqczmmD96f94xcZQZQVz9USHAm1d-V7Up_2DRMSI7Wo3TxBQ25U54B1gh3PdSTpbngQiEK1lCC1iKCv_v6EkX5q-bo2Km22vFsdpTnEctkfxZrcYC2XRkS9iaohL6xwfOr_9MUh5fL-91IVD_eTnWsSplXNNhYqSFcA-MF05sVFYZp9WeYyaOLBmBsghq5z0V8bULSU3KakbLiGyquwArGpCxMlQlURMqGMcc-gtDA-0OgUb8a02UEUENbjB45Co2f_gxJMEegCQho_B5opRLybY9DEYkC88WOvQjaF-LrxzuvFta5jf3fem5O85oZUubEe73VZtmcXz9g8EQSHTzRbVrgPryrH2Bx9rL5bBQ86MxPYghkmEgDptwBUqWi6rFKYVbkUPYSUMhH_zhZEs9rux-4zH3ovhideircwBXQHixVuHOUF31XBGVFD52M49QkUqzHnG3stCZxNPgt2Oh_hu_EJ1IXbSsime18e4ayJ32oDRAdN2-gKHl0PCrNbYUQlgyqUilYkdAffTUU6TXE7ex4W_6tiSh6norfHwMiabL1j2gSnMYFuz6o5I4kk-DcCLTamgwOslixCyA_busEw2V_vHxNnFWb2KK8j-O15FCGOCsa_3nzkR97UkH1kMXgCjcWqLHmNx6dZjSxmQGFRGDDaDCdO_8LBiY2-M-uqXzuQfwrFH2pIWU-MoM7-A_gVLZ26PCp-GC3TUyg4zEGVnmLqlVotDYhbxUHH0tmkEKmicZdRbqQZJr60_nh1-sWOTq5YRW3rsLgbB7cyZK0fL2TaGnYz293lKJz2Op7SXl3rkwM4hWNYrLA1ybvlA8NcrpCZz332W2RDnYevM_2MxN-PZ0JASId5XCGtN5btZAadqMHPKLb0EJ66mcS6VruzmYAgs5SAZunHyFhJ9hdbtw1xU7hzfUzHCa14FPwjy9nZJPxH_gd9oc62tDDxP9dWDmD-8TImD4xjYPm9BbNcBtGSjvkJ7DHz-QLgIQM4-EAkOAsjq6LPetMgM4wBaMyZW6IRaFcOKGQYoIUcd_bytJJdVocPCZ8WPeLLYKVT6iznBiPaCj1eUqNkHam-M-fd6-oz7K4gOEcE3XdJ_h7g6AIUeUeVw7yEMvtZvM1LAHNzl2mcp81Ll2hkS_J9QUpEm6wED7a8H7DhY5XpPjaExHVQHtnnmXjcVKY--Lj-B3t6TZEHe0oar2Dk28JfAH8IFsmfXMBGXAEgVyBius8bmwi9IyvWZduDEPzLEM-WWme3OfTCRpKU-I2tBeghnWTb6rQj27DdcRuSUaaXwEz8t2Mzaq_n6Tq6ym9Hvizb7antBvCTbaoJDQYITMnJ4n-tljpprlcnx6OFK9De8sEPx_nXYkTwaTZqjXhEHL4n2x1Kr3pPgyj9P32-KfxYE4af5xVMfxlfTMtXInMcgcFQVDTPGBifLdbj4W9L8mDoTaXHK3ZIvTOofiJwoacShSykeSZLezPmBl4bShAcbUz1NmFs0QKCbLDY2I8QQe_VwZ8dLJRa15gIonQJO7rbEGKgUlo1EWWNGQQtr6IIsu3ffgxFrNviGD_mr1df9Bzym6aNfirOgSenoBjU2q_Hn54xFUwBzrkv8UlXPZ61-Lae4xHvb4xlj_nL0DlgA_J1SLg0JOaGzye-rU_3vlw1WwRIWMW09kYxgfvu_dDvv7iqfT_FZ6x_tkwMBANUX3EE6UCMKK97nbcprDgeiefebq3_Hu1olYDZ-SZJoBbSrXr4gi5AwIscHeA7B_PDjcj98JU4RfRmBIcEu-EQvEflLjz9BNov-jz4u9vO-F_02bemBcsdAPSPmNuTIsNaJipk5jBDJSgMT0h58EsDhs5HmPEv3AY2uVIOhSVAeZJFdvS0vRTah8KE-rBRO5Wh1bLN3fYhGNNJPy3vMmGB3eBjPSrJgCo105UMJG4v456046kWzSUiXbkdFfAfCXapqB-hl5KLRek30dgQ7ZMtFFJpf3GyeeWvIf_w0DTU2UzojLF43oqxawvlPgheI5UaeL7xE71pGwR5K2Q73Zp8LZ5kzlJt84YEwFrv5R9DkIIJQ4CBnxKAmby3YtQ2wmQngcLv8YFRYg5_0ypuXySqb1XI-2539ABUmejr3M34EHehVlLe9anBbZP7jlVmQHz3zTs_0tOTwd-aHCfRQZxjot5kueDLJ384MXjePeKDcgGDqwRrQ1pENh61hqImCM9hMJev8IQgolxNsVXy9tcC-ei7YbwjLkOUGSinTtyPdJ3Q0z0fU24DgkmFzuZzTYc7cEU8w4UZOz-GT5o9WdAYdPHS7Ufto8rHXWE_F3urLa8ty0lSoY1gCk4_euv3cm0T_konYUjMGJneFVoH04ZMz_fg_8-TRqQp-ouG7nSuUhtT499AfGma5MzCrcD-Zrpj7X1UtAgyyb7JO499spZa-uxlEX37q-rOcAivTfLNYu1XM5p9KIQuTp9Az3YUR6eJDsY4T919L_fPGipa7MMnUoutAgCDIc1iFsG5WjnZ8iJREyOud0jKYZp-HUF6i5wU2z9MdgJb-1shhDV4CeeF0AW4Y1KFQsflYN9NPLuAiM32GadHWRVNmzjdI9xBtWLZg7lYQD3bfRm--lOx94jwkoZhSmB58ExBg3dPaGTQyYA3VaPxZPi7rNy9MNksx_CQLml7QiQ4yWJMPixlmFPn38Hf0TdUJEkGtFU19WG8VU2B2FmYmEjckqb8-tn3zyQgTqV2ly6LjuUAwU7HBCrQ&cid=CAQSSwDUE5ymbo8Zv6tSHJ6kO0r0wMpbo7p7BZp8prfmc_798aXNLA6z8mQi0vz25JVPmpaNfkb0Ja5Zi-BQF-u040gdFKsKQFakbV5jPxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftinhte.vn%2F&ds=l&xdt=1&iif=1&cor=12201777621400467000&adk=2923430907&idt=996&cac=0&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 80e6e26c955ada308d43c0df95285ef1f9c3642bf45647a92eaa7aa7ccde1853 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 03:13:26 GMT content-encoding br x-content-type-options nosniff age 26111 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10964 x-xss-protection 0 server cafe etag 16728461614556933246 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 29 Mar 2023 03:13:26 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5797	41 KB 15 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com URL: https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 12:23:19 GMT content-encoding gzip x-content-type-options nosniff age 597918 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Mar 2024 12:23:19 GMT
GET DATA	200 OK	truncated / Frame 5797	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 53033884dff2913db5de210eb5ae702874a354025aaad9e24592aaedfdb6bece Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H3	200	728x090.html Show response s0.2mdn.net/sadbundle/10596822557170597888/ Frame BBE5	47 KB 12 KB	21ms 20ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:37 GMT expires Thu, 14 Mar 2024 10:28:37 GMT last-modified Wed, 15 Feb 2023 15:46:51 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5797	0 0	59ms 57ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf806hrLgkgbslxFvdOnfoXg4hi0IkwvCOCRG-USmuVcqlU5o8YAjLkSKgjzJgrasFPnhp-dglkhm-zpqxsyxA4peYE2r0i3zLfzqRRKAMa6RO72V6V0gU8AwV6iOEplXSxWiZVH9mKGwVJGTNDmFsKPsUwUkDLENfjdJTysPRRlh__4nO0oG1qLzWWAyvvbWajFQqlmT2KBkWrZTJJQpLyFCR-SciaX4ny2w7ayz6V_iPNU7LR1a2q9NllVitLK5rzGyvHsAtmZqFffEGGwv29XfX-Z9LPetm34excXqQ5iYIZpRm9gxEx-4CMpsas2w7cXBVQTQZlkflVXzNSFHP4lKOEqwE8nFlNhxxOiG0Tau7neFd55NHR3GBerYZOYZHKjsz1obXuAQKj0iv8MXAmsx9oFIHNZwGlwYEWYWpS1rAVa5kw1JarPANPyGqQ7mKisvND4QndLyxJOvCTupSkZd1_Qh1345xpCnRWv2VI7z-_EImW2DAc8QduDzoRO97CJWyi3ovUnycT1T05STfNpRkyCAbgDcvS3qbJ4YCmjfFfS9FXfHiZget2UdjE_FWyyPMJ_yJe0X2FL6tysE4OJ8Vr5L5csofy_jZiYsqRZyJJYl1g-N7mb9myddEFKFY4_L3hUEaWLhXRYB5IhJj3Wb_RJBfkfUpTGhRj37sieb_mvQ-pT2W57JCQRCmfj1Ihuj5SzVmHngiZPQOWnIIFSwAUdhR1faQeYZwV0tIDwKluLMd5Vmwhk_Hz0eybhUiYaaIC7szut-tBEMYWP0vRG4tZvU2Xag0u6tt73_6uS1FGpUUzi3nAUUf8tztEto_l_46ZMxCuJGwh3E2pQL6P1sfE0RZdkHrQqkHqy93oWfBmRQ0Ng5m48_h-Pg3FY_xeMtkNTINA-P-wjColshUePnWjLK6JKc6OH0xG0JAndO_mI0L9NnpgnWUnxN4w4hCTO1E88k0_oKvT7fbYm-msiBIiyWoFBQqeHyMUG7fYwRHmKT8RsfwdPcsP8yH_8bVk-YH5YmGuJNqeZIKH6LfdHjZ0fpOmLPKjlroG9TKt4T7h5-TSj1jP4VJJ8ViYqyjozTUIHZEezs551VMAXqBU8dQQu2rycn8boyp9szGM_CGaQuMZvmC897NQSHm7hQkL9RVqthsb6wR31L4dd4Xgv_3z5HAwcVqAy_HGZKtWJvAnNjEVGFwhWyeDMdIeBYyAw0BoONIkfLJAoLqg3ebVqC3m4jn87ePKQvM3mtoJJUhuN7c9weZp-2CSXgV0rcvMN1GveHhTqjxC3_3o_tfPyaELHVZj8o&sai=AMfl-YSfGpnBtpa9chYJA7LeC0nGS0VWv8VwnhO8Vk74O-TcXydU1hEZZIzM25mfEGrXNoHmSWEGdD1RnCPVwQRUFXvDUklZbFvzdZLea5J2GQTeOTMeBDvDT54WsvltiNpZN4NIFmQUs5kW70m1m0oKHHyVJTIDOOuI2XjnhIAqOZH0W9HmR4Sb4s69ftT0mxk9htcyWxIhLsdIBirXYTZ2NsJzPAOBu0ZD5jAgklT5bnLmxyo7eopHkpYvVxgBrDWTh9KdgtU6SIO83LcYz2tdnoc1oQGg_oP7&sig=Cg0ArKJSzHFZp7na99IGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=73&cisv=r20230313.93336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 15 Mar 2023 10:28:37 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1394	22 KB 8 KB	13ms 12ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 329575 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 11 Mar 2023 14:55:42 GMT expires Sun, 10 Mar 2024 14:55:42 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame BBE5	118 KB 40 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 12:23:22 GMT content-encoding gzip x-content-type-options nosniff age 79515 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 12:23:22 GMT
GET H3	200	gsap_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame BBE5	63 KB 25 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25329 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 10:28:37 GMT
GET H3	200	sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response pagead2.googlesyndication.com/bg/ Frame 1394	36 KB 14 KB	15ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 09:28:59 GMT content-encoding br x-content-type-options nosniff age 262778 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14292 x-xss-protection 0 last-modified Mon, 06 Mar 2023 11:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 11 Mar 2024 09:28:59 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 5797	0 0	53ms 52ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf806hrLgkgbslxFvdOnfoXg4hi0IkwvCOCRG-USmuVcqlU5o8YAjLkSKgjzJgrasFPnhp-dglkhm-zpqxsyxA4peYE2r0i3zLfzqRRKAMa6RO72V6V0gU8AwV6iOEplXSxWiZVH9mKGwVJGTNDmFsKPsUwUkDLENfjdJTysPRRlh__4nO0oG1qLzWWAyvvbWajFQqlmT2KBkWrZTJJQpLyFCR-SciaX4ny2w7ayz6V_iPNU7LR1a2q9NllVitLK5rzGyvHsAtmZqFffEGGwv29XfX-Z9LPetm34excXqQ5iYIZpRm9gxEx-4CMpsas2w7cXBVQTQZlkflVXzNSFHP4lKOEqwE8nFlNhxxOiG0Tau7neFd55NHR3GBerYZOYZHKjsz1obXuAQKj0iv8MXAmsx9oFIHNZwGlwYEWYWpS1rAVa5kw1JarPANPyGqQ7mKisvND4QndLyxJOvCTupSkZd1_Qh1345xpCnRWv2VI7z-_EImW2DAc8QduDzoRO97CJWyi3ovUnycT1T05STfNpRkyCAbgDcvS3qbJ4YCmjfFfS9FXfHiZget2UdjE_FWyyPMJ_yJe0X2FL6tysE4OJ8Vr5L5csofy_jZiYsqRZyJJYl1g-N7mb9myddEFKFY4_L3hUEaWLhXRYB5IhJj3Wb_RJBfkfUpTGhRj37sieb_mvQ-pT2W57JCQRCmfj1Ihuj5SzVmHngiZPQOWnIIFSwAUdhR1faQeYZwV0tIDwKluLMd5Vmwhk_Hz0eybhUiYaaIC7szut-tBEMYWP0vRG4tZvU2Xag0u6tt73_6uS1FGpUUzi3nAUUf8tztEto_l_46ZMxCuJGwh3E2pQL6P1sfE0RZdkHrQqkHqy93oWfBmRQ0Ng5m48_h-Pg3FY_xeMtkNTINA-P-wjColshUePnWjLK6JKc6OH0xG0JAndO_mI0L9NnpgnWUnxN4w4hCTO1E88k0_oKvT7fbYm-msiBIiyWoFBQqeHyMUG7fYwRHmKT8RsfwdPcsP8yH_8bVk-YH5YmGuJNqeZIKH6LfdHjZ0fpOmLPKjlroG9TKt4T7h5-TSj1jP4VJJ8ViYqyjozTUIHZEezs551VMAXqBU8dQQu2rycn8boyp9szGM_CGaQuMZvmC897NQSHm7hQkL9RVqthsb6wR31L4dd4Xgv_3z5HAwcVqAy_HGZKtWJvAnNjEVGFwhWyeDMdIeBYyAw0BoONIkfLJAoLqg3ebVqC3m4jn87ePKQvM3mtoJJUhuN7c9weZp-2CSXgV0rcvMN1GveHhTqjxC3_3o_tfPyaELHVZj8o&sai=AMfl-YSfGpnBtpa9chYJA7LeC0nGS0VWv8VwnhO8Vk74O-TcXydU1hEZZIzM25mfEGrXNoHmSWEGdD1RnCPVwQRUFXvDUklZbFvzdZLea5J2GQTeOTMeBDvDT54WsvltiNpZN4NIFmQUs5kW70m1m0oKHHyVJTIDOOuI2XjnhIAqOZH0W9HmR4Sb4s69ftT0mxk9htcyWxIhLsdIBirXYTZ2NsJzPAOBu0ZD5jAgklT5bnLmxyo7eopHkpYvVxgBrDWTh9KdgtU6SIO83LcYz2tdnoc1oQGg_oP7&sig=Cg0ArKJSzHFZp7na99IGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=88&dett=3&cstd=73&cisv=r20230313.93336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: tinhte.vn URL: https://tinhte.vn/members/tonic-studios.2969865/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 15 Mar 2023 10:28:37 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	89ms 60ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030901&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3bf05c806696b6dc6a717e3fc5ef729bcafe484ab770e6157864a8428bf1a2da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11090 x-xss-protection 0
GET H3	200	OnAir-Bold.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame BBE5	47 KB 47 KB	13ms 12ms	Font font/woff2	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:19:14 GMT x-content-type-options nosniff age 563 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47676 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 10:34:14 GMT
GET H3	200	OnAir-Light.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame BBE5	46 KB 46 KB	16ms 16ms	Font font/woff2	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:27:56 GMT x-content-type-options nosniff age 41 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46936 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:50 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 10:42:56 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame BBE5	7 KB 6 KB	53ms 52ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b9e3cc42b509eec8e60856bd62d46889e47ba43a7792809eda32e3a9d879fe06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5739 x-xss-protection 0
GET H3	200	60005582_20210507060843268_Asset_Transparent.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BBE5	2 KB 2 KB	28ms 26ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 19:30:16 GMT x-content-type-options nosniff age 53901 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2040 x-xss-protection 0 last-modified Fri, 07 May 2021 13:08:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 19:30:16 GMT
GET H3	200	60005582_20221219080319341_ASSET.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BBE5	14 KB 14 KB	33ms 32ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221219080319341_ASSET.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ccd52e34d89e58acb89660010093704c99ce7ee79d7531d7e7cfab4577924561 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 01:12:23 GMT x-content-type-options nosniff age 33374 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14319 x-xss-protection 0 last-modified Mon, 19 Dec 2022 16:03:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 16 Mar 2023 01:12:23 GMT
GET H3	200	60005582_20221220240624023_728x090_LOOK-01.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BBE5	32 KB 32 KB	24ms 23ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221220240624023_728x090_LOOK-01.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04df88230919c225ea5638b3a3f338941e8481e406c2ed15d2f6d3ad9eac8cef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 23:38:16 GMT x-content-type-options nosniff age 39021 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32607 x-xss-protection 0 last-modified Tue, 20 Dec 2022 08:06:24 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 23:38:16 GMT
GET H3	200	60005582_20220825085202338_728x090_BG.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BBE5	30 KB 30 KB	22ms 21ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 23:01:28 GMT x-content-type-options nosniff age 41229 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30980 x-xss-protection 0 last-modified Thu, 25 Aug 2022 15:52:02 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 23:01:28 GMT
GET H3	200	60005582_20221219081306317_728x090_INTRO.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BBE5	30 KB 30 KB	28ms 27ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221219081306317_728x090_INTRO.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a58f15cf7bbbadbd987dc3d213e88a866aea86bc8b54091c3afeee67b3654eeb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 23:38:16 GMT x-content-type-options nosniff age 39021 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30506 x-xss-protection 0 last-modified Mon, 19 Dec 2022 16:13:06 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 23:38:16 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame BBE5	43 B 608 B	75ms 21ms	Image image/gif	141.101.90.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29068126_4307561_355040902_170181287_SOHO0203B20230206&ref=29068126_4307561_355040902_170181287_SOHO0203B20230206 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.101.90.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 15 Mar 2023 10:28:38 GMT via 1.1 varnish-live-2-2 CF-Cache-Status HIT age 1346594 x-cache MISS p3p policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 43 last-modified Wed, 15 Feb 2023 15:39:24 GMT Server cloudflare etag "2b-5f4bee2778300" Vary Accept-Encoding Content-Type image/gif x-varnish 71553153 cache-control public, max-age=31536000 Accept-Ranges bytes CF-RAY 7a841219ace33a52-FRA Expires Thu, 14 Mar 2024 10:28:38 GMT
GET H3	200	bubblespritesheettiny.png s0.2mdn.net/creatives/assets/4085730/ Frame BBE5	26 KB 26 KB	29ms 28ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=BoNll2pE8M&t=1&renderingType=2&ev=01_247 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:14:40 GMT x-content-type-options nosniff age 837 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27068 x-xss-protection 0 last-modified Fri, 12 Mar 2021 15:44:55 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Mar 2023 10:29:40 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame BBE5	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 15 Mar 2023 10:28:38 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	34ms 34ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 15 Mar 2023 10:28:38 GMT
GET H3	200	sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response pagead2.googlesyndication.com/bg/ Frame CC8C	36 KB 14 KB	14ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 09:28:59 GMT content-encoding br x-content-type-options nosniff age 262779 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14292 x-xss-protection 0 last-modified Mon, 06 Mar 2023 11:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 11 Mar 2024 09:28:59 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89FD	13 KB 5 KB	13ms 12ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1232 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:08:06 GMT expires Thu, 14 Mar 2024 10:08:06 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F826	783 B 968 B	24ms 22ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b6a4b09be6bf712d3465b845c98424c82f4e6ec9d76af65940efc219d51f0ee0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CqGItEx1O-byXDgpuwR_Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://tinhte.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-CqGItEx1O-byXDgpuwR_Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 15 Mar 2023 10:28:38 GMT expires Wed, 15 Mar 2023 10:28:38 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1394	0 20 B	48ms 47ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoDXS1Z0RZMntKfiB9u8P486w4A4AAAAAOAHgBAI&bg=!srGlseXNAAZKh9k7aoc7ADkAdvg8WqFWsIOpqAR_HW1iMxQhtatoWKx9ki7ShNkUHaWhGQ0WOuHobhYBrtsInG8KklC47dOBU2ACAAAAkVIAAAADaAEHmQL3CvQ2NXUpV3JQ03ee9RmO3QVwC9d8WW8h4bmuTSXXtcZleTN6Jr2fIoe6rxsI_WEyfOn08BZyI3RgfpNoJwGo7ZoXvinIKlqlSnK592--o9Sl6Cc3p_gXOFc6mTdfPx1-1nB_TKGpe9Jp-DQ16p4Jms_Rc6gYfUE6QryWnw7xnVbtUPKowf8gxHkyu9Bg9N7YlC6yvbXHveAU-JZ2go3PRWCdoDE1b9YGX4bqDSG4IMFOJM4vcwWl7GepfKOb_lWuiO2XvrU0DBZfLh72mSivN-Isqu4B0b35z8o3G1otNbn9TZswSGK1wK2_csjOwoNKzFnXcYzk7dAOAR3UIjx26TQFEax09_S9F_Bm_SmFWnER68Xq3SqrbN0kUhoqZyTdIJ4jN_w6TsBdygAg_iT0QTvCeyGORUG9n24dyAOYYGgv9FNWuGnCHcvVHWfIEd40hTbZVy1jrJ58IGtaD0qxWXPYWpWFX0YZdFRVn8pUfIZs4LvIesEXGIoxjKyM-Nci8UTLE873nX8vnuHNu2ZSFNrXP2HHNbj1zZAob99O_AqonY3EKgRNJMzSWhsTPJcsxLWp7VeS6NPu64j6Sv85nUBzbFrLQ6Ab__GcHloWhxxiOdV0h8ZUYmbJbVmyK4jAH8X7wbKiqpApyVYRIm0Rv5zeDcaCIw-0rorf9b-wjGjHDyyo3VzXrnmS4kXqAJVC2HmzQSZWbB1JOg3pZI9qc0TOyBkaXcL5lw4ykysoDBLEu4h_x_RGS6ul1wutrMz0NTkuDssE89Km8K1oVfsYjsdiXeFI4zjsPSymu31Hc8mcJHd58gQQdKIUoGMO0EA08Rw5sBwC9CzWpSKRYbU-s6WY8By_x5FlgQ0jNbxQrPkLSHCwKccCNDq14olhsk0zBn4Nt6e9Q_YDw7_8_2jP4PfN_PoPMNMDUyGLukyZCXuKJ8kysWuCfnhMGCaCOc3vKMPaA55M-6SwxfhTmRZ8Z4x_cYcdf4xABV1D2nolrGULGZV-l_Ls Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F826	0 0	45ms 45ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030901&jk=1909024676338492&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H3	200	sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response pagead2.googlesyndication.com/bg/ Frame 89FD	36 KB 14 KB	12ms 12ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 09:28:59 GMT content-encoding br x-content-type-options nosniff age 262779 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14292 x-xss-protection 0 last-modified Mon, 06 Mar 2023 11:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 11 Mar 2024 09:28:59 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7138	42 B 64 B	49ms 49ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEAJbIk5Vj2u49cmdsmlhn_C1XlCu9rq130n68ozOGJBzQXAUj1bSJFEe4sVAYWpuksvVY4RNwQVTH7ZZO79PN_VUNYuzgUiJXSVFJEwhk8RN64CGZK5D8uqx9&sai=AMfl-YTye95fneNhfiQt-72FVsNy3oMBQAI7VMQB43EMh7aQmewcY96VrEx6kJiZTmfKrjVYF54vjcCC5SoX8e3AY25UK2K2NT1pGe4YP_cRVPKXmMnY-U67wrfoQrrSWaGbpqYizZiMWRLNgr_dmw&sig=Cg0ArKJSzFE3cyah8wFBEAE&cid=CAQSTADUE5yml8zLTRc6PtY7KjblnbG1CfdETS6YCKJ_fRiHzN7RxYMSPzOVYVYN5yWk1-CgLvsxoSKzpf1uWI-MGzrMvx_R-jMlQLjacCAYAQ&id=lidar2&mcvt=1009&p=125,436,215,1164&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3593623497&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678876116949&rpt=240&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:38 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 89FD	0 10 B	12ms 11ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?x6wJVQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 10:28:38 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7138	0 20 B	45ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=928708548995&version=m202301230201&ct=76&x=1&cor=16794334381798205000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	50ms 50ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030901&jk=1909024676338492&bg=!JSalJnLNAAZKh9k7aoc7ADkAdvg8WgLAVDjiHIYEyX_Y6TtUwu_D9gu6fHHerrnaFXOcofiBhJzNjxBLuuZm7n1rWLZLbftCVkMCAAAAVlIAAAADaAEHCgAzdcdTMLfImDkDJzpij5BDZOp8mlmXIN1pQ27yoOxR7trI0bFydtfS-Djxp3PWn2uHj7UFmQKUkX2fMaO0U1jZvo9zHbbo1epVhgABn5RRwjJsohea5kLWVcU00E1bkl2q6TL9r9WYWgDzBpOFjyBYO-eNuEdKiqbeTZ3kogjt8npHO1g-dN91HVrmNXo5D_zHV6TtBiQuzF27kXLUBaxZGYSb9h-qLmXwK_ALwWXW6yrSknvAdO6wqQq3-SwVhC8MrCzfMOHJK8Jr6WtH17kY6HW-0FCLzg7ueCfNAkMvjg0lZp_Byou_WBteCJMipz_kH5c9Ro_xBjA7xUjoSzZlm2v3X852udnLCz9zbFBRol1nT3fo_vun92J3EG9RoK37mByKuslu1eGRXRDqiqnOfDsNpld-Zo5pjsyzDbeDDhuEzp6V6ZUSzfsGbO5bTVIsmzJbv6om5UvoRwtCv-L5-0TAIe7fVet0CGb74szM95BDRMXfYdrrWvhOqQtNz9UgogTM2DAcpHOhXrDD3mgL0wnm1wBMv8E-sLC66b0y-Ghxc_ssbYbnyAjB7eOVrDsWjB-M2qa0ImW_io_x79vLyU8m523c3_FpxG17NoM9gPNWSBSUtDkywADVhBx3Tt9-kD8i2ryvk30WJRFDPc3tBWNfwUlmPAj3GGiDY3ojrxXFpkAKnZInD4jaanP7xJgUjP0C6DU8Gs6NADYZSFkFmVXfbubWyzsr5PUTx4Vy4LAcroprx7R0jshoyQXPphuuhVF8AqdHJMkWx9RojCqS3d5thj2EM4qpT6pt7PidHOjfIsUpJ0RnzziVe3B3CXUGchMUmsI7LMnJ2Z1_u383luXBXhqBIMTXl2IKM0SXXcgcxwTCgDbDWxiYae4N_ZlUzgg6nbho7vu_sHcv5MDs0lZwsX4ei4OxwwoOrcMcLCo2Op6cLPbfYm_d Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5797	42 B 64 B	49ms 48ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDtaM4Q0I6ZTMyC6kYJdmC2_5JjYn2cZRHJaH-q4Syv8C-6kUNg20mt8i8dyEgaQaTIGowmXr_G6sHkc2cBjcQADlogVOk4P0M1g8fzbD3w05uxP5izvSkgu5q4tJTMWXGHMHpPw&sai=AMfl-YT5EtNXSxNUJkcmxJR8ZaJWjCi8BvpAAyQ2oGbRys9JqweCbcySSMWnK6kjvRdNmtDTtklHYEC6_ogAmxbzwESZRYf2u5ClGgNUIz58XIHEY2ztypYsJqxSa-JmrEZYYNPoJZtEr_5xuCSb&sig=Cg0ArKJSzOHcUaMCwZcdEAE&cid=CAQSSwDUE5ymbo8Zv6tSHJ6kO0r0wMpbo7p7BZp8prfmc_798aXNLA6z8mQi0vz25JVPmpaNfkb0Ja5Zi-BQF-u040gdFKsKQFakbV5jPxgB&id=lidar2&mcvt=1000&p=828,436,918,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=983309566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678876116619&rpt=1195&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:38 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5797	0 20 B	45ms 45ms	Ping image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5721240424975&version=m202301230201&ct=76&x=1&cor=12201777621400467000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://827e0105da869325720f314fff4736cd.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	20ms 19ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-EHPF9BTE3E&gtm=45je33d0&_p=296842982&cid=581961977.1678876116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1678876115&sct=1&seg=0&dl=https%3A%2F%2Ftinhte.vn%2Fmembers%2Ftonic-studios.2969865%2F&dt=Tonic%20Studios%20%7C%20Tinhte.vn&en=scroll&epn.percent_scrolled=90&_et=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHPF9BTE3E Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tinhte.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Wed, 15 Mar 2023 10:28:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tinhte.vn cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT